Skip to content

Commit

Permalink
updated api content security to make chrome more happy
Browse files Browse the repository at this point in the history
  • Loading branch information
@metaclassing
metaclassing committed Jun 7, 2018
1 parent e267768 commit 5777b9f
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion include/security/apicontentsecurity.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
# frame-src 'self' data: chrome-extension-resource:;
# font-src 'self' data: chrome-extension-resource:;
# media-src * data: blob: filesystem:;
add_header Content-Security-Policy 'default-src self * unsafe-inline ; script-src * self unsafe-inline ; upgrade-insecure-requests;' always;
add_header Content-Security-Policy 'default-src \'self\'; script-src * \'self\' \'unsafe-inline\'; style-src * \'self\' \'unsafe-inline\'; upgrade-insecure-requests;' always;

add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
Expand Down

0 comments on commit 5777b9f

Please sign in to comment.