docs: update Content Security Policy header value
Some checks failed
Deploy Next.js application / deploy (push) Failing after 10m9s

This commit is contained in:
Dorian Niemiec 2024-11-11 17:00:07 +01:00
parent 61973def28
commit 61c9c4313d
2 changed files with 2 additions and 2 deletions

View file

@ -49,7 +49,7 @@ server {
server_name _; server_name _;
add_header x-content-type-options "nosniff"; add_header x-content-type-options "nosniff";
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo='; style-src 'self' 'unsafe-inline'; frame-src 'self' data:"; add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo='; style-src 'self' 'unsafe-inline'; img-src 'self' data: *; frame-src 'self' data:";
add_header Referrer-Policy "strict-origin-when-cross-origin"; add_header Referrer-Policy "strict-origin-when-cross-origin";
add_header Permissions-Policy "geolocation=(), camera=(), microphone=(), fullscreen=*"; add_header Permissions-Policy "geolocation=(), camera=(), microphone=(), fullscreen=*";
add_header Feature-Policy "geolocation 'none', camera 'none', microphone 'none', fullscreen *"; add_header Feature-Policy "geolocation 'none', camera 'none', microphone 'none', fullscreen *";

View file

@ -22,7 +22,7 @@ Open the `/etc/svrjs-config.json` file in your preferred text editor, and alter
{ {
"customHeaders": { "customHeaders": {
"x-content-type-options": "nosniff", "x-content-type-options": "nosniff",
"Content-Security-Policy": "default-src 'self'; script-src 'self' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo='; style-src 'self' 'unsafe-inline'; frame-src 'self' data:", "Content-Security-Policy": "default-src 'self'; script-src 'self' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo='; style-src 'self' 'unsafe-inline'; img-src 'self' data: *; frame-src 'self' data:",
"Referrer-Policy": "strict-origin-when-cross-origin", "Referrer-Policy": "strict-origin-when-cross-origin",
"Permissions-Policy": "geolocation=(), camera=(), microphone=(), fullscreen=*", "Permissions-Policy": "geolocation=(), camera=(), microphone=(), fullscreen=*",
"Feature-Policy": "geolocation 'none', camera 'none', microphone 'none', fullscreen *" "Feature-Policy": "geolocation 'none', camera 'none', microphone 'none', fullscreen *"