authortdro <tdro@noreply.example.com>2022-10-06 14:18:58 -0400
committertdro <tdro@noreply.example.com>2022-10-06 14:18:58 -0400
commit5d1753b7c6d60c5eb981a702c8dd73837dbcccee (patch)
tree3de27209a24168d2cb1b4cbd631f630057a834bd /themes/default/layouts/partials/base-csp.html
parentbf80275fd5dcf253cbf09c31492c7bc101421016 (diff)
themes/default/layouts/partials/base-head: Crudely serialize policy
To add new rules without changing source code. Allow setting robots meta tag.
Diffstat (limited to 'themes/default/layouts/partials/base-csp.html')
-rw-r--r--themes/default/layouts/partials/base-csp.html60
1 files changed, 22 insertions, 38 deletions
diff --git a/themes/default/layouts/partials/base-csp.html b/themes/default/layouts/partials/base-csp.html
index 9519e14..55719d8 100644
--- a/themes/default/layouts/partials/base-csp.html
+++ b/themes/default/layouts/partials/base-csp.html
@@ -1,42 +1,26 @@
-{{ $upgrade := "" }}
-{{ if .Site.Params.csp.upgrade }}
- {{ $upgrade = "upgrade-insecure-requests;" }}
-{{- end -}}
+<meta name="referrer" content="{{ .Site.Params.site.referrer }}">
+
+{{- if .Site.Params.csp }}
-<meta name="referrer" content="{{ .Site.Params.csp.referrer }}">
+{{
+ $policy := .Site.Params.csp
+ | jsonify
+ | replaceRE "\":\"\",\"" ";\n"
+ | replaceRE "{\"" ""
+ | replaceRE "\"],\"" ";\n"
+ | replaceRE "\",\"" " "
+ | replaceRE "\":\\[\"" " "
+ | replaceRE "\"]}" ";"
+ | replaceRE "\":\"\"}" ";"
+ | plainify
+-}}
{{ printf `
-<meta
- http-equiv="Content-Security-Policy"
- content="
- %s
- block-all-mixed-content;
- default-src 'self';
- child-src %s;
- connect-src %s;
- font-src %s;
- form-action %s;
- frame-src %s;
- img-src %s;
- media-src %s;
- object-src %s;
- prefetch-src %s;
- script-src %s;
- script-src-elem %s;
- style-src %s;
- ">`
- ($upgrade)
- (delimit .Site.Params.csp.childsrc " ")
- (delimit .Site.Params.csp.connectsrc " ")
- (delimit .Site.Params.csp.fontsrc " ")
- (delimit .Site.Params.csp.formaction " ")
- (delimit .Site.Params.csp.framesrc " ")
- (delimit .Site.Params.csp.imgsrc " ")
- (delimit .Site.Params.csp.mediasrc " ")
- (delimit .Site.Params.csp.objectsrc " ")
- (delimit .Site.Params.csp.prefetchsrc " ")
- (delimit .Site.Params.csp.scriptsrc " ")
- (delimit .Site.Params.csp.scriptsrcelem " ")
- (delimit .Site.Params.csp.stylesrc " ")
- | safeHTML }}
+<meta http-equiv="Content-Security-Policy" content="
+%s
+">`
+$policy | safeHTML
+}}
+
+{{- end -}}
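Review bot: The serialized `$policy` on the `$policy | safeHTML` line is written into the `content="…"` attribute with template escaping bypassed, and the `replaceRE` chain only rewrites the two JSON shapes it enumerates (empty string and array of strings), so a `.Site.Params.csp` value containing a double quote or a nested table would, as far as the visible chain shows, leave stray `\"` or `{` characters inside the attribute. The hunk also drops the hard-coded `default-src 'self'` and `block-all-mixed-content`, so the emitted policy has no fallback directive unless the site config supplies one, which this commit does not show. Ranging over the map and letting the template engine escape the attribute removes both the regex chain and `safeHTML`; the sketch below assumes each value is either empty or a list of sources. Since rules now come from config, a comment noting that `frame-ancestors`, `report-uri` and `sandbox` are ignored in a `<meta>`-delivered policy would save a maintainer from relying on them.

```html
{{/* … unchanged: referrer meta tag … */}}
{{- with .Site.Params.csp }}
{{- $directives := slice }}
{{- range $name, $sources := . }}
  {{- $directive := $name }}
  {{- with $sources }}{{ $directive = printf "%s %s" $name (delimit . " ") }}{{ end }}
  {{- $directives = $directives | append $directive }}
{{- end }}
<meta http-equiv="Content-Security-Policy" content="{{ delimit $directives "; " }}">
{{- end -}}
```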