Fixes CSP

Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2022-10-20 06:05:36 -04:00
parent f6e3c19df7
commit 612ab82db0
No known key found for this signature in database
GPG Key ID: 060B29EB996BD9F2
2 changed files with 1 additions and 3 deletions

View File

@ -42,7 +42,6 @@ services:
- POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C - POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
volumes: volumes:
- ./schemas:/var/lib/postgresql/data:Z - ./schemas:/var/lib/postgresql/data:Z
- ./dumps:dumps:Z
networks: networks:
- matrix - matrix
#user: "70:70" #user: "70:70"

View File

@ -37,8 +37,7 @@ add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; prelo
# Optional additional headers # Optional additional headers
#add_header Cache-Control "no-transform" always; #add_header Cache-Control "no-transform" always;
add_header Content-Security-Policy "default-src 'none'; connect-src * https:; font-src 'self'; img-src * https: data:; manifest-src 'self'; media-src 'self'; script-src * https:; style-src 'self' 'unsafe-inline'; frame-src https://www.recaptcha.net; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'"; add_header Content-Security-Policy "default-src 'none'; connect-src * https:; font-src 'self'; img-src https: blob: data:; manifest-src 'self'; media-src 'self' blob:; script-src https:; style-src 'self' 'unsafe-inline'; frame-src 'self' https://www.recaptcha.net blob:; frame-ancestors 'self'; block-all-mixed-content; base-uri 'none'";
add_header Permissions-Policy "accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), clipboard-read=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), sync-xhr=(), xr-spatial-tracking=()";
add_header Referrer-Policy "same-origin" always; add_header Referrer-Policy "same-origin" always;
add_header X-Content-Type-Options "nosniff" always; add_header X-Content-Type-Options "nosniff" always;
#add_header X-UA-Compatible "IE=Edge" always; #add_header X-UA-Compatible "IE=Edge" always;