Skip to content

Commit

Permalink
fixing CSP - SWs use connect-src to validate CSP
Browse files Browse the repository at this point in the history
  • Loading branch information
@DerLev
DerLev committed Apr 23, 2024
1 parent 325027d commit 926fb2a
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion homepage/firebase.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@
"source": "**",
"headers": [{
"key": "Content-Security-Policy",
"value": "script-src 'self'; style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; default-src 'self'"
"value": "script-src 'self'; style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; default-src 'self'"
}]
}
]
Expand Down
2 changes: 1 addition & 1 deletion homepage/hugo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,4 +63,4 @@ enableGitInfo = true
[[server.headers]]
for = '/**'
[server.headers.values]
Content-Security-Policy = "script-src 'self'; style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; default-src 'self'"
Content-Security-Policy = "script-src 'self'; style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; default-src 'self'"

0 comments on commit 926fb2a

Please sign in to comment.