forked from gitea/blog
7 lines
754 B
Plaintext
7 lines
754 B
Plaintext
/*
|
|
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' https://discourse.gitea.io https://discourse-cdn-sjc2.com https://plausible.io; style-src 'self' https://fonts.googleapis.com https://cdnjs.cloudflare.com https://discourse-cdn-sjc2.com; font-src 'self' data: https://cdnjs.cloudflare.com https://fonts.gstatic.com; img-src 'self' https://docs.gitea.com https://gitea.com https://github.com https://discourse.gitea.io https://opencollective.com https://discourse-cdn-sjc2.com https://seccdn.libravatar.org; frame-src 'self' https://discourse.gitea.io; connect-src plausible.io;
|
|
X-Frame-Options: DENY
|
|
X-Xss-Protection: 1; mode=block
|
|
X-Content-Type-Options: nosniff
|
|
Referrer-Policy: strict-origin-when-cross-origin
|