elpatron/beauty-bookings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: CSP für Plausible (script-src und connect-src)

Browse Source 
Made-with: Cursor
This commit is contained in:
elpatron
2026-04-12 11:21:11 +02:00
parent db4618d48f
commit 512142c92a
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Caddyfile
+1 -1
View File
@@ -27,7 +27,7 @@ stargirlnails.de {
X-Content-Type-Options "nosniff" X-Content-Type-Options "nosniff"
X-XSS-Protection "1; mode=block" X-XSS-Protection "1; mode=block"
Referrer-Policy "strict-origin-when-cross-origin" Referrer-Policy "strict-origin-when-cross-origin"
Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data:; connect-src 'self' data: blob:; frame-src 'self' https://www.openstreetmap.org;" Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://plausible.elpatron.me; style-src 'self' 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data:; connect-src 'self' data: blob: https://plausible.elpatron.me; frame-src 'self' https://www.openstreetmap.org;"
# HSTS (wird automatisch von Caddy gesetzt) # HSTS (wird automatisch von Caddy gesetzt)
Strict-Transport-Security "max-age=31536000; includeSubDomains" Strict-Transport-Security "max-age=31536000; includeSubDomains"