update CSP to allow convertkit form-action, allow only inline style attr sources, etc.

James Fenn
2023-10-20 23:27:38 -04:00
parent bad27e817f
commit d2bc673a06


@@ -42,7 +42,7 @@
"headers": [ "headers": [
{ {
"key": "Content-Security-Policy", "key": "Content-Security-Policy",
"value": "default-src 'self';base-uri 'self';font-src 'self';form-action 'self';frame-ancestors 'self';frame-src https:;img-src 'self' https: data:;object-src 'none';script-src 'self' 'unsafe-inline';script-src-attr 'none';style-src 'self' 'unsafe-inline';upgrade-insecure-requests" "value": "default-src 'self';base-uri 'self';form-action 'self' https://app.convertkit.com;frame-ancestors 'none';frame-src https:;img-src 'self' https: data:;object-src 'none';script-src 'self' 'unsafe-inline';script-src-attr 'none';style-src-attr 'unsafe-inline';upgrade-insecure-requests"
}, },
{ {
"key": "Cross-Origin-Opener-Policy", "key": "Cross-Origin-Opener-Policy",