hyprwm
/
hyprland-website
mirror of https://github.com/hyprwm/hyprland-website.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix font csp (#22)

This commit is contained in:
Abhay 2023-02-24 00:13:01 +00:00 committed by GitHub
parent 8d007514a6
commit 7f05179c9c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
index.js
View File

@ -20,7 +20,7 @@ app.use(expressEJSLayouts);
app.use((req, res, next) => { app.use((req, res, next) => {
// Security Headers - Refer to MDN and helmetjs docs // Security Headers - Refer to MDN and helmetjs docs
res.set("Content-Security-Policy", `default-src 'self'; img-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' https://cdn.jsdelivr.net https://code.jquery.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net; font-src 'self'; object-src 'none'; child-src 'none'; frame-ancestors 'none'; frame-src 'none'; upgrade-insecure-requests`); res.set("Content-Security-Policy", `default-src 'self'; img-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' https://cdn.jsdelivr.net https://code.jquery.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net; font-src 'self' data:; object-src 'none'; child-src 'none'; frame-ancestors 'none'; frame-src 'none'; upgrade-insecure-requests`);
res.set("Strict-Transport-Security", "max-age=15552000; includeSubDomains"); res.set("Strict-Transport-Security", "max-age=15552000; includeSubDomains");
res.set("X-Content-Type-Options", "nosniff"); res.set("X-Content-Type-Options", "nosniff");
res.set("X-Frame-Options", "DENY"); res.set("X-Frame-Options", "DENY");