Skip to content

Commit

Permalink
enable CSP headers
Browse files Browse the repository at this point in the history
  • Loading branch information
@Boldewyn
Boldewyn committed Feb 29, 2024
1 parent 58d9330 commit 22f6e05
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions codepoints.net/index.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,17 @@
*/
header('Permissions-Policy: interest-cohort=()');

/**
* enable CSP protection (reporting only for now)
*/
header('Content-Security-Policy-Report-Only: '.
'default-src \'self\' https://stats.codepoints.net:443; '.
'style-src \'self\' \'unsafe-inline\'; '.
'font-src \'self\'; '.
(array_key_exists('embed', $_GET)? 'frame-ancestors *; ' : '').
'upgrade-insecure-requests; '.
'report-uri https://codepoints.report-uri.com/r/d/csp/reportOnly');

/**
* load the routes
*/
Expand Down

0 comments on commit 22f6e05

Please sign in to comment.