From 5c4502ae75ad98ec90877eec0fe8f26331bdaaf3 Mon Sep 17 00:00:00 2001 From: Luiz F. A. de Prá <luizdepra@users.noreply.github.com> Date: Mon, 17 Oct 2022 15:03:57 +0000 Subject: [PATCH] Comment CSP config (#728) --- exampleSite/config.toml | 44 ++++++++++++++++++++++---------------------- 1 files changed, 22 insertions(+), 22 deletions(-) diff --git a/exampleSite/config.toml b/exampleSite/config.toml index dcc4195..07f9608 100644 --- a/exampleSite/config.toml +++ b/exampleSite/config.toml @@ -74,28 +74,28 @@ # connectionString = "connectionString" # If you want to implement a Content-Security-Policy, add this section -[params.csp] -childsrc = ["'self'"] -fontsrc = ["'self'", "https://fonts.gstatic.com", "https://cdn.jsdelivr.net/"] -formaction = ["'self'"] -framesrc = ["'self'"] -imgsrc = ["'self'"] -objectsrc = ["'none'"] -stylesrc = [ - "'self'", - "'unsafe-inline'", - "https://fonts.googleapis.com/", - "https://cdn.jsdelivr.net/" -] -scriptsrc = [ - "'self'", - "'unsafe-inline'", - "https://www.google-analytics.com", - "https://cdn.jsdelivr.net/" -] -prefetchsrc = ["'self'"] -# connect-src directive – defines valid targets for to XMLHttpRequest (AJAX), WebSockets or EventSource -connectsrc = ["'self'", "https://www.google-analytics.com"] +# [params.csp] +# childsrc = ["'self'"] +# fontsrc = ["'self'", "https://fonts.gstatic.com", "https://cdn.jsdelivr.net/"] +# formaction = ["'self'"] +# framesrc = ["'self'", "https://www.youtube.com"] +# imgsrc = ["'self'"] +# objectsrc = ["'none'"] +# stylesrc = [ +# "'self'", +# "'unsafe-inline'", +# "https://fonts.googleapis.com/", +# "https://cdn.jsdelivr.net/", +# ] +# scriptsrc = [ +# "'self'", +# "'unsafe-inline'", +# "https://www.google-analytics.com", +# "https://cdn.jsdelivr.net/", +# ] +# prefetchsrc = ["'self'"] +# # connect-src directive – defines valid targets for to XMLHttpRequest (AJAX), WebSockets or EventSource +# connectsrc = ["'self'", "https://www.google-analytics.com"] [taxonomies] category = "categories" -- Gitblit v1.10.0