mirror of
https://github.com/PrivSec-dev/privsec.dev.git
synced 2024-12-29 09:06:30 -05:00
Fix CSP for SOGo (#122)
Signed-off-by: samsepi0l <contact@simpleprivacy.fr>
This commit is contained in:
parent
fd52793cad
commit
2af22036b8
@ -75,13 +75,13 @@ Use the following as your [Content Security Policy](https://developer.mozilla.or
|
||||
#### If you use Gravatar with SOGo
|
||||
|
||||
```
|
||||
add_header Content-Security-Policy "default-src 'none'; connect-src 'self' https://api.github.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'";
|
||||
add_header Content-Security-Policy "default-src 'none'; connect-src 'self' https://api.github.com https://www.gravatar.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://www.gravatar.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'";
|
||||
```
|
||||
|
||||
#### If you do not use Gravatar with SOGo
|
||||
|
||||
```
|
||||
add_header Content-Security-Policy "default-src 'none'; connect-src 'self' https://api.github.com https://www.gravatar.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://www.gravatar.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'";
|
||||
add_header Content-Security-Policy "default-src 'none'; connect-src 'self' https://api.github.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'";
|
||||
```
|
||||
|
||||
### Cross-Origin Resource, Opener, and Embedder Policies
|
||||
|
Loading…
Reference in New Issue
Block a user