authortdro <tdro@noreply.example.com>2022-05-07 04:19:22 -0400
committertdro <tdro@noreply.example.com>2022-05-07 04:19:22 -0400
commite9a9c8b2bdcd39dc7b623c0412c91e18c2d01b0a (patch)
treeb8b9c390a70b3cc0c47ad324019a51764ac20861 /themes/default/layouts/partials/head-csp.html
parentf721601e676a752a76757f449242b876dbecb1d0 (diff)
config.yaml: Add search engine verification
Diffstat (limited to 'themes/default/layouts/partials/head-csp.html')
-rw-r--r--themes/default/layouts/partials/head-csp.html43
1 files changed, 43 insertions, 0 deletions
diff --git a/themes/default/layouts/partials/head-csp.html b/themes/default/layouts/partials/head-csp.html
new file mode 100644
index 0000000..d148498
--- /dev/null
+++ b/themes/default/layouts/partials/head-csp.html
@@ -0,0 +1,43 @@
+{{- $upgrade := "" -}}
+
+{{- if .Site.Params.csp.upgrade -}}
+ {{ $upgrade = "upgrade-insecure-requests;" }}
+{{- end -}}
+
+<base href="{{ .Site.BaseURL }}">
+<meta name="referrer" content="{{ .Site.Params.csp.referrer }}">
+
+{{ printf `
+<meta
+ http-equiv="Content-Security-Policy"
+ content="
+ %s
+ block-all-mixed-content;
+ default-src 'self';
+ child-src %s;
+ connect-src %s;
+ font-src %s;
+ form-action %s;
+ frame-src %s;
+ img-src %s;
+ media-src %s;
+ object-src %s;
+ prefetch-src %s;
+ script-src %s;
+ script-src-elem %s;
+ style-src %s;
+ ">`
+ ($upgrade)
+ (delimit .Site.Params.csp.childsrc " ")
+ (delimit .Site.Params.csp.connectsrc " ")
+ (delimit .Site.Params.csp.fontsrc " ")
+ (delimit .Site.Params.csp.formaction " ")
+ (delimit .Site.Params.csp.framesrc " ")
+ (delimit .Site.Params.csp.imgsrc " ")
+ (delimit .Site.Params.csp.mediasrc " ")
+ (delimit .Site.Params.csp.objectsrc " ")
+ (delimit .Site.Params.csp.prefetchsrc " ")
+ (delimit .Site.Params.csp.scriptsrc " ")
+ (delimit .Site.Params.csp.scriptsrcelem " ")
+ (delimit .Site.Params.csp.stylesrc " ")
+ | safeHTML }}
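Review bot: The policy sets `default-src 'self'` but has no `base-uri` directive, and `base-uri` does not fall back to `default-src`, so a `<base>` element injected further down the page could still repoint every relative URL; adding `base-uri 'self';` after the `default-src 'self';` line closes that. Separately, the `printf … | safeHTML` call writes each `.Site.Params.csp.*` value into the `content="…"` attribute with Hugo's escaping switched off, so a double quote or `>` in any configured source ends the attribute early. A template comment stating that these params must hold only CSP source expressions, or a build-time check that rejects quotes, would make that contract explicit. Because the policy arrives through a `<meta>` element it only governs what is parsed after it, so this partial presumably needs to stay first in `<head>`; directives such as `frame-ancestors` are ignored in a meta policy and would need a response header instead.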