deepStateMirrors/tabi
1
0
Fork 1
mirror of https://github.com/welpo/tabi.git synced 2025-12-14 11:48:45 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

🐛 fix(CSP): Move cdn.jsdelivr.net to different directive

Browse source 
this is abusing the CI to test if the old location was actually needed. I am sorry.
This commit is contained in:
Poolitzer 2025-11-27 11:07:39 +01:00 committed by GitHub
parent ab4bcd5695
commit e48088626e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
config.toml
View file

@ -355,8 +355,8 @@ footer_menu = [
allowed_domains = [ allowed_domains = [
{ directive = "font-src", domains = ["'self'", "data:"] }, { directive = "font-src", domains = ["'self'", "data:"] },
{ directive = "img-src", domains = ["'self'", "https://*", "data:"] }, { directive = "img-src", domains = ["'self'", "https://*", "data:"] },
{ directive = "media-src", domains = ["'self'", "https://cdn.jsdelivr.net/"] }, { directive = "media-src", domains = ["'self'"] },
{ directive = "script-src", domains = ["'self'"] }, { directive = "script-src", domains = ["'self'", "https://cdn.jsdelivr.net/"] },
{ directive = "style-src", domains = ["'self'"] }, { directive = "style-src", domains = ["'self'"] },
{ directive = "frame-src", domains = ["player.vimeo.com", "https://www.youtube-nocookie.com"] }, { directive = "frame-src", domains = ["player.vimeo.com", "https://www.youtube-nocookie.com"] },
] ]