CSP tweaks
johntopleyons committed Apr 4, 2023
1 parent 561e6bd commit 9fd3158
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion webapp/app.rb
Expand Up @@ -58,7 +58,7 @@ def website_link(url)

before do
headers 'Cache-Control' => 'no-cache'
headers 'Content-Security-Policy' => "default-src 'self'; img-src 'self' data: https://avatars.githubusercontent.com https://cdn.datatables.net; https://*.integrateddataservice.gov.uk; script-src 'unsafe-eval' 'self' https://ajax.googleapis.com https://cdn.datatables.net https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdn.datatables.net;"
headers 'Content-Security-Policy' => "default-src 'self'; img-src 'self' data: https://avatars.githubusercontent.com https://cdn.datatables.net; https://githubdev-explorer.integrateddataservice.gov.uk; script-src 'unsafe-eval' 'self' https://ajax.googleapis.com https://cdn.datatables.net https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdn.datatables.net;"
headers 'Content-Type' => 'text/html; charset=utf-8'
headers 'Permissions-Policy' => 'fullscreen=(self)'
headers 'Referrer-Policy' => 'strict-origin-when-cross-origin'
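
Review bot: The `;` after `https://cdn.datatables.net` in the `Content-Security-Policy` value ends the `img-src` directive, so `https://githubdev-explorer.integrateddataservice.gov.uk` is parsed as the name of a separate directive and not as an image source. The same was true of the `https://*.integrateddataservice.gov.uk` entry it replaces. Browsers ignore directive names they do not recognise, so narrowing the wildcard to a single host does not change the enforced policy, and that host is not actually allowed by `img-src`. If it is meant to be an image source, drop the semicolon so the list reads `https://cdn.datatables.net https://githubdev-explorer.integrateddataservice.gov.uk; script-src ...`. If it is meant for another kind of request, put it under its own named directive. Since this line is being touched anyway, it is also worth checking whether `'unsafe-eval'` in `script-src` and `'unsafe-inline'` in `style-src` are still required. A quick check of the response header in the browser's console after the fix will show whether any directive is still reported as unrecognised.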

0 comments on commit 9fd3158
