Add to CSP

report-uri /csp-report; report-to csp-endpoint;">
2025-09-08 16:10:26 -04:00
parent 0f8399ec88
commit 14b6ae2337
1 changed files with 11 additions and 4 deletions
--- a/index.html
+++ b/index.html
@@ -9,10 +9,17 @@
           style-src 'self';
           font-src 'self' ;
           connect-src 'self' https: ;
-           img-src 'self' data:;
-           media-src 'none';
-           object-src 'none';
-           frame-src 'none';">
+           img-src 'self' data:; 
+           font-src 'self'; 
+           manifest-src 'self'; 
+           worker-src 'self'; 
+           object-src 'none'; 
+           frame-ancestors 'none'; 
+           form-action 'self'; 
+           upgrade-insecure-requests; 
+           block-all-mixed-content; 
+           report-uri /csp-report; 
+           report-to csp-endpoint;">
    <meta http-equiv="X-Content-Type-Options" content="nosniff">
    <meta http-equiv="X-XSS-Protection" content="1; mode=block">
    <meta http-equiv="Referrer-Policy" content="strict-origin-when-cross-origin">