From 744624813f1ff30558cd51067f0dec159a146d6f Mon Sep 17 00:00:00 2001 From: Nat Welch Date: Mon, 2 Dec 2024 18:04:28 +0000 Subject: [PATCH] fix headers --- nginx.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nginx.conf b/nginx.conf index 77e985c..6d20f0a 100644 --- a/nginx.conf +++ b/nginx.conf @@ -36,8 +36,8 @@ server { add_header X-XSS-Protection "1; mode=block"; add_header NEL '{"report_to":"default","max_age":2592000}'; add_header Report-To '{"group":"default","max_age":10886400,"endpoints":[{"url":"https://reportd.natwelch.com/report/resume"}]}'; - add_header Content-Security-Policy "default-src 'none'; img-src 'self' https://icco.imgix.net https://www.google-analytics.com; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; style-src 'self' https://unpkg.com; connect-src 'self' https://www.google-analytics.com; frame-ancestors 'none'; base-uri 'none'; form-action 'none'; report-uri https://reportd.natwelch.com/report/resume; report-to default"; + add_header Content-Security-Policy "default-src 'none'; img-src 'self' https://fonts.gstatic.com https://icco.imgix.net https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://unpkg.com https://www.googletagmanager.com https://www.google-analytics.com; style-src 'self' https://unpkg.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com https://reportd.natwelch.com; frame-ancestors 'none'; base-uri 'none'; form-action 'none'; report-uri https://reportd.natwelch.com/report/resume; report-to default"; add_header Referrer-Policy "no-referrer"; - add_header Reporting-Endpoints "default=\"https://reportd.natwelch.com/reporting/natwelch\""; + add_header Reporting-Endpoints "default=\"https://reportd.natwelch.com/reporting/resume\""; } }