jake/jarv.is
1
Fork 0
mirror of https://github.com/jakejarvis/jarv.is.git synced 2025-07-23 02:21:16 -04:00
Code Issues Activity

CSP script oopsie-poopsies

Browse Source
This commit is contained in:
Jake Jarvis
2018-04-26 20:30:09 -04:00
parent e54a358b8d
commit 49e143c5dd
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
firebase.json
View File

@@ -38,7 +38,7 @@
},
{
"key": "Content-Security-Policy",
"value": "default-src 'self'; script-src 'self' 'unsafe-inline' https://www.google-analytics.com https://ssl.google-analytics.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https:; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.youtube.com https://drive.google.com https://www.scribd.com; connect-src 'self' https://jakejarvis.report-uri.com; report-uri https://jakejarvis.report-uri.com/r/d/csp/enforce;"
"value": "default-src 'self'; script-src 'self' www.google-analytics.com ssl.google-analytics.com ajax.googleapis.com 'sha256-KhRmfxEAAaZsUM+7gtG8pxaii136UceZCbgie95aRd0=' 'sha256-C84Lc+r0cDvAfbbr1KHi0s1jt0nzfAWH5+bmB/2Ph8s='; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: https:; font-src 'self' fonts.gstatic.com; frame-src 'self' www.youtube.com player.vimeo.com drive.google.com www.scribd.com; connect-src 'self' jakejarvis.report-uri.com www.google-analytics.com ssl.google-analytics.com; upgrade-insecure-requests; report-uri https://jakejarvis.report-uri.com/r/d/csp/enforce;"
},
{
"key": "Expect-CT",