From 6207682f46972773f57b5a01cdfa1c3afd70c7eb Mon Sep 17 00:00:00 2001
From: Alexander Bilz <mail@alexbilz.com>
Date: Mon, 18 May 2020 12:34:21 +0000
Subject: [PATCH] Updated Documentation and fixed another CSP issue

---
 layouts/partials/sidebar.html |    2 +-
 images/tn.png                 |    0 
 images/screenshot.png         |    0 
 assets/css/style.css          |    4 ++++
 README.md                     |   16 +++++++++++++++-
 5 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 109bfbe..8060624 100644
--- a/README.md
+++ b/README.md
@@ -7,7 +7,8 @@
 ## Features
 Anatole's aims to be minimalistic and sleek, but still brings some great functionality.
 
-Features include:
+### Features include:
+
 - Profile picture and slogan
 - Navigation items
 - Pagination
@@ -18,6 +19,8 @@
 - Fontawesome icons
 - Custom CSS (optional)
 - Medium like zoom for images
+- Compliant to strict CSP
+- Uses Hugo pipes to process assets
 
 ## Preview the exampleSite
 ```
@@ -113,6 +116,17 @@
   style-src 'self' stackpath.bootstrapcdn.com;
 "
 ```
+If you want to configure the security headers for a site running on Netlify, you want to make sure you create a special `_headers` file in your sites static folder. The content might look like the following:
+```
+/*
+  X-Frame-Options: DENY
+  X-Clacks-Overhead: "GNU Terry Pratchett"
+  X-XSS-Protection: 1; mode=block
+  X-Content-Type-Options: nosniff
+  Referrer-Policy: same-origin
+  Content-Security-Policy:  base-uri 'self'; connect-src 'self'; default-src 'self'; frame-ancestors 'none'; font-src 'self' stackpath.bootstrapcdn.com; img-src 'self'; object-src 'none'; script-src 'self'; style-src 'self' stackpath.bootstrapcdn.com;
+  Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
+```
 
 ## License
 
diff --git a/assets/css/style.css b/assets/css/style.css
index 8cfb1e7..4f788ff 100644
--- a/assets/css/style.css
+++ b/assets/css/style.css
@@ -225,6 +225,10 @@
 .sidebar .logo-title .logo {
   margin: 0 auto;
 }
+.sidebar .logo-title .title img {
+  width: 127px;
+  border-radius: 50%;
+}
 .sidebar .logo-title .title h3 {
   text-transform: uppercase;
   font-size: 2rem;
diff --git a/images/screenshot.png b/images/screenshot.png
index 515b193..3363422 100644
--- a/images/screenshot.png
+++ b/images/screenshot.png
Binary files differ
diff --git a/images/tn.png b/images/tn.png
index d3db2bd..450269e 100644
--- a/images/tn.png
+++ b/images/tn.png
Binary files differ
diff --git a/layouts/partials/sidebar.html b/layouts/partials/sidebar.html
index 01226b8..cf9d48f 100644
--- a/layouts/partials/sidebar.html
+++ b/layouts/partials/sidebar.html
@@ -1,7 +1,7 @@
 <div class="sidebar animated fadeInDown">
     <div class="logo-title">
       <div class="title">
-        <img src="{{ .Site.Params.profilePicture | absURL }}" alt="profile picture" style="width:127px;border-radius: 50%;">
+        <img src="{{ .Site.Params.profilePicture | absURL }}" alt="profile picture">
         <h3 title=""><a href="/">{{ .Site.Params.Title }}</a></h3>
         <div class="description">
           <p>{{ .Site.Params.description }}</p>

--
Gitblit v1.10.0