1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
Description: Don't allow google api in CSP
Author: David Prévot <taffit@debian.org>
Forwarded: not-needed
Reviewed-By: Xavier Guimard <yadd@debian.org>
Last-Update: 2018-09-02
--- a/public/index.html
+++ b/public/index.html
@@ -7,7 +7,7 @@
<link rel="stylesheet" href="docsupport/prism.css">
<link rel="stylesheet" href="chosen.css">
- <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self' https://ajax.googleapis.com; style-src 'self'; img-src 'self' data:">
+ <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self' style-src 'self'; img-src 'self' data:">
</head>
<body>
--- a/public/index.proto.html
+++ b/public/index.proto.html
@@ -7,7 +7,7 @@
<link rel="stylesheet" href="docsupport/prism.css">
<link rel="stylesheet" href="chosen.css">
- <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self' https://ajax.googleapis.com; style-src 'self'; img-src 'self' data:">
+ <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self' style-src 'self'; img-src 'self' data:">
</head>
<body>
|
