bigbuffet/bigbuffet-rw
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Mastodon nginx: add commented out CSP

Browse source
This commit is contained in:
Alex Gleason 2022-05-11 18:27:11 -05:00
parent d49e8c61a1
commit f08da5f8f0
No known key found for this signature in database
GPG key ID: 7211D1F99744FBB7
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
installation/mastodon.conf
View file

@ -70,6 +70,10 @@ server {
add_header Strict-Transport-Security "max-age=31536000" always;
# Content Security Policy (CSP)
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
# add_header Content-Security-Policy "base-uri 'none'; default-src 'none'; font-src 'self'; img-src 'self' https: data: blob:; style-src 'self' 'unsafe-inline'; media-src 'self' https: data:; frame-src 'self' https:; manifest-src 'self'; connect-src 'self' data: blob: wss://example.com; script-src 'self'; child-src 'self'; worker-src 'self';";
# Fallback route.
# Try static files, then fall back to the SPA.
location / {