fix: update content security headers

2021-03-16 15:44:00 +01:00 · 2021-03-16 15:44:00 +01:00 · 8df0fdd8c3
parent d1008a7366
commit 8df0fdd8c3
2 changed files with 2 additions and 4 deletions
--- a/layouts/index.headers
+++ b/layouts/index.headers
@ -2,8 +2,7 @@
  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
  X-Content-Type-Options: nosniff
  X-XSS-Protection: 1; mode=block
-  Content-Security-Policy: default-src 'self'; frame-ancestors https://jamstackthemes.dev; manifest-src 'self'; connect-src 'self'; font-src 'self'; img-src 'self' data:; script-src 'self' 'nonce-D9lYHmnDA/pVyXs6HQZq4gBs7gwpDOjyJz/jQNYQ/ziWEj7+xYf9zOwDw6kmrhYc
-gwPqbqBXeoOEfPXt9EiIyQ=='; style-src 'self'
+  Content-Security-Policy: default-src 'self'; frame-ancestors https://jamstackthemes.dev; manifest-src 'self'; connect-src 'self'; font-src 'self'; img-src 'self' data:; script-src 'self' 'nonce-0xLTIcPMhXKdCDrYV7U9Lg=='; style-src 'self'
  X-Frame-Options: SAMEORIGIN
  Referrer-Policy: strict-origin
  Feature-Policy: geolocation 'self'
--- a/layouts/partials/footer/script-footer.html
+++ b/layouts/partials/footer/script-footer.html
@ -61,8 +61,7 @@
  {{ end -}}
  {{ if .Site.Params.options.kaTex -}}
    <script src="{{ $katex.Permalink }}" defer></script>
-    <script src="{{ $katexAutoRender.Permalink }}" onload="renderMathInElement(document.body);" nonce="D9lYHmnDA/pVyXs6HQZq4gBs7gwpDOjyJz/jQNYQ/ziWEj7+xYf9zOwDw6kmrhYc
-    gwPqbqBXeoOEfPXt9EiIyQ==" defer></script>
+    <script src="{{ $katexAutoRender.Permalink }}" onload="renderMathInElement(document.body);" nonce="0xLTIcPMhXKdCDrYV7U9Lg==" defer></script>
  {{ end -}}
  {{ if .Site.Params.options.flexSearch -}}
    <script src="{{ $index.Permalink }}" defer></script>