disable scripts in the CSP

This commit is contained in:
Charlotte 🦝 Delenk 2023-05-26 12:51:29 +01:00
parent 25d3e23a3f
commit 7a9c8db947
Signed by: darkkirb
GPG key ID: AB2BD8DAF2E37122

View file

@ -291,11 +291,15 @@ in {
header Via BunnyCDN
}
route /media/* {
reverse_proxy @isbunny http://127.0.0.1:4000
reverse_proxy @isbunny http://127.0.0.1:4000 {
header_down Content-Security-Policy "script-src 'none';"
}
respond "Use the cdn" 403
}
route /proxy/* {
reverse_proxy @isbunny http://127.0.0.1:4000
reverse_proxy @isbunny http://127.0.0.1:4000 {
header_down Content-Security-Policy "script-src 'none';"
}
respond "Use the cdn" 403
}
handle {