Skip to content
Snippets Groups Projects
Unverified Commit 08abc5aa authored by Nik | Klampfradler's avatar Nik | Klampfradler
Browse files

Allow iframes from *.teckids.org

parent 6a08a4fe
No related branches found
No related tags found
No related merge requests found
Pipeline #180489 passed
Stage: test
Stage: build
Stage: deploy
Hide whitespace changes
Inline Side-by-side
Showing
with 1 addition and 1 deletion
Caddyfile
+ 1
1
View file @ 08abc5aa
...@@ -4,7 +4,7 @@ http:// { ...@@ -4,7 +4,7 @@ http:// {
file_server file_server
header { header {
Content-Security-Policy "default-src 'self'; img-src 'self' data:; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'" Content-Security-Policy default-src 'self' *.teckids.org; img-src 'self' data: *.teckids.org; media-src 'self' *.teckids.org; object-src 'self' *.teckids.org; frame-src 'self' *.teckids.org; form-action 'self' *.teckids.org
X-Content-Type-Options nosniff X-Content-Type-Options nosniff
Referrer-Policy strict-origin-when-cross-origin Referrer-Policy strict-origin-when-cross-origin
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment