dewdude
/
pickmy-dot-org-jekyll-site
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add default.html for CSP

Browse Source
master
Jay 2 years ago
parent 5e10b4f757
commit 2f4aaab076
1 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File

22
_layouts/default.html
Unescape Escape View File

@ -0,0 +1,22 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: "en" }}">
<meta http-equiv="Content-Security-Policy" content="default-src 'none'; script-src 'self'; style-src 'self' https://fonts.googleapis.com; img-src 'self' *.pickmy.org; font-src 'self' https://fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; child-src 'self'; form-action 'none'; base-uri 'self'" />
<meta http-equiv="X-XSS-Protection" content="1;mode=block" always>
<meta http-equiv="Referrer-Policy" content="no-referrer, strict-origin-when-cross-origin">
{%- include head.html -%}
<body>
<div class="container">
{%- include header.html -%}
<main>
{{ content }}
</main>
{%- include footer.html -%}
</div>
</body>
</html>
Write Preview
Loading…
Cancel
Save