aboutsummaryrefslogtreecommitdiff
path: root/config.json
diff options
context:
space:
mode:
authortdro <tdro@noreply.example.com>2022-10-06 14:18:58 -0400
committertdro <tdro@noreply.example.com>2022-10-06 14:18:58 -0400
commit5d1753b7c6d60c5eb981a702c8dd73837dbcccee (patch)
tree3de27209a24168d2cb1b4cbd631f630057a834bd /config.json
parentbf80275fd5dcf253cbf09c31492c7bc101421016 (diff)
downloadcanory-5d1753b7c6d60c5eb981a702c8dd73837dbcccee.tar.gz
canory-5d1753b7c6d60c5eb981a702c8dd73837dbcccee.tar.bz2
canory-5d1753b7c6d60c5eb981a702c8dd73837dbcccee.zip
themes/default/layouts/partials/base-head: Crudely serialize policy
To add new rules without changing source code. Allow setting robots meta tag.
Diffstat (limited to 'config.json')
-rw-r--r--config.json40
1 files changed, 25 insertions, 15 deletions
diff --git a/config.json b/config.json
index e7948bf..43ec38f 100644
--- a/config.json
+++ b/config.json
@@ -94,7 +94,9 @@
"params": {
"site": {
"production": false,
- "refresh": null
+ "referrer": "no-referrer",
+ "refresh": null,
+ "robots": "index,follow"
},
"webmanifest": {
"name": "Micro Blog",
@@ -105,19 +107,24 @@
"logo": "data/media/logo.png"
},
"csp": {
- "upgrade": false,
- "referrer": "no-referrer",
- "childsrc": [
+ "block-all-mixed-content": "",
+ "child-src": [
+ "'self'"
+ ],
+ "connect-src": [
"'self'"
],
- "fontsrc": [
+ "default-src": [
"'self'"
],
- "formaction": [
+ "font-src": [
+ "'self'"
+ ],
+ "form-action": [
"'self'",
"lite.duckduckgo.com"
],
- "framesrc": [
+ "frame-src": [
"'self'",
"imgur.com",
"www.youtube-nocookie.com",
@@ -126,38 +133,41 @@
"odysee.com",
"docs.google.com"
],
- "imgsrc": [
+ "img-src": [
"'self'",
"http://preview.test",
"imgs.xkcd.com"
],
- "mediasrc": [
+ "manifest-src": [
+ "'self'"
+ ],
+ "media-src": [
"'self'",
"raw.githubusercontent.com",
"i.imgur.com"
],
- "objectsrc": [
+ "object-src": [
"'none'"
],
- "prefetchsrc": [
+ "prefetch-src": [
"'self'"
],
- "scriptsrc": [
+ "script-src-elem": [
"'self'",
"s.imgur.com",
"platform.twitter.com"
],
- "scriptsrcelem": [
+ "script-src": [
"'self'",
"s.imgur.com",
"platform.twitter.com"
],
- "stylesrc": [
+ "style-src": [
"'self'",
"'unsafe-inline'",
"http://preview.test"
],
- "connectsrc": [
+ "worker-src": [
"'self'"
]
},