Abhinav
|
52f0ac0027
|
update csp report URL
|
2022-01-03 15:10:01 +05:30 |
|
|
Abhinav
|
6e62f312bf
|
update to use ente domain url for workes instead of worker.dev cf domains
|
2021-12-20 15:51:24 +05:30 |
|
|
Abhinav
|
7b739ae003
|
add suggested observatory header
|
2021-12-03 20:38:03 +05:30 |
|
|
Abhinav
|
7df09a17ea
|
cleanup
|
2021-12-03 20:20:56 +05:30 |
|
|
Abhinav
|
5df92125f5
|
add unsafe eval to allow heif.js new Function() call
|
2021-12-03 17:23:16 +05:30 |
|
|
Abhinav
|
949dd07821
|
activate content scurity policy
|
2021-12-03 14:41:03 +05:30 |
|
|
Abhinav
|
5931bf87d0
|
add data: protocol for connect-src and remove require trusted for script
|
2021-12-03 14:40:12 +05:30 |
|
|
Abhinav
|
59b3745dbd
|
add unsafe inline to style-src
no good solution to implement nonce and hash exists current
https://github.com/styled-components/styled-components/issues/2363
https://github.com/vercel/next.js/issues/18557#issuecomment-768205738
|
2021-12-02 15:28:17 +05:30 |
|
|
Abhinav
|
e7bed748c4
|
fix report-uri
|
2021-12-02 14:49:11 +05:30 |
|
|
Abhinav
|
a8ad8b22ff
|
add missing report to and reporturi to
|
2021-12-02 14:47:00 +05:30 |
|
|
Abhinav
|
4b032058d7
|
move all directive except script-src to header
|
2021-12-02 14:33:36 +05:30 |
|
|
Abhinav
|
d88e64b2c4
|
add mode block to xss protection
|
2021-12-02 13:02:38 +05:30 |
|
|
Abhinav
|
87f3f7aa67
|
add Referrer-Policy header
|
2021-12-02 12:29:00 +05:30 |
|
|
Abhinav
|
366a283f65
|
move csp to meta tag in document to add inline script hash
|
2021-12-02 12:03:25 +05:30 |
|
|
Abhinav
|
4580470812
|
changed object src to none
|
2021-12-02 10:12:47 +05:30 |
|
|
Abhinav
|
d297b82887
|
fix csp self value , by adding quotes
|
2021-12-01 20:15:11 +05:30 |
|
|
Abhinav
|
bfd869503d
|
update csp to report only and add report URI
|
2021-12-01 18:37:10 +05:30 |
|
|
Abhinav
|
ec699c148f
|
added clouflare headers config file
|
2021-12-01 12:39:35 +05:30 |
|