Skip to content

Commit

Permalink
staticwebapp config: add back CSP and allow unsafe-eval and unsafe-in…
Browse files Browse the repository at this point in the history 
…line

This adds the CSP back and also adds unsafe-eval and unsafe-inline which are
needed for the search functionality and theme settings.

Fixes #61
  • Loading branch information
@flyth
flyth committed Sep 13, 2024
1 parent 7a9cff3 commit 0abf831
Showing 1 changed file with 7 additions and 6 deletions.
13 changes: 7 additions & 6 deletions static/staticwebapp.config.json
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,9 @@
{
"globalHeaders": {
"Content-Type": "text/html; charset=UTF-8",
"Permissions-Policy": "geolocation=(), microphone=(), camera=()",
"X-Frame-Options": "SAMEORIGIN",
"X-Permitted-Cross-Domain-Policies": "none"
}
"globalHeaders": {
"Content-Type": "text/html; charset=UTF-8",
"Content-Security-Policy": "script-src 'self' 'unsafe-eval' 'unsafe-inline'",
"Permissions-Policy": "geolocation=(), microphone=(), camera=()",
"X-Frame-Options": "SAMEORIGIN",
"X-Permitted-Cross-Domain-Policies": "none"
}
}

0 comments on commit 0abf831

Please sign in to comment.