From 5d1753b7c6d60c5eb981a702c8dd73837dbcccee Mon Sep 17 00:00:00 2001 From: tdro Date: Thu, 6 Oct 2022 14:18:58 -0400 Subject: themes/default/layouts/partials/base-head: Crudely serialize policy To add new rules without changing source code. Allow setting robots meta tag. --- config.json | 40 +++++++++++++++++++++++++--------------- 1 file changed, 25 insertions(+), 15 deletions(-) (limited to 'config.json') diff --git a/config.json b/config.json index e7948bf..43ec38f 100644 --- a/config.json +++ b/config.json @@ -94,7 +94,9 @@ "params": { "site": { "production": false, - "refresh": null + "referrer": "no-referrer", + "refresh": null, + "robots": "index,follow" }, "webmanifest": { "name": "Micro Blog", @@ -105,19 +107,24 @@ "logo": "data/media/logo.png" }, "csp": { - "upgrade": false, - "referrer": "no-referrer", - "childsrc": [ + "block-all-mixed-content": "", + "child-src": [ + "'self'" + ], + "connect-src": [ "'self'" ], - "fontsrc": [ + "default-src": [ "'self'" ], - "formaction": [ + "font-src": [ + "'self'" + ], + "form-action": [ "'self'", "lite.duckduckgo.com" ], - "framesrc": [ + "frame-src": [ "'self'", "imgur.com", "www.youtube-nocookie.com", @@ -126,38 +133,41 @@ "odysee.com", "docs.google.com" ], - "imgsrc": [ + "img-src": [ "'self'", "http://preview.test", "imgs.xkcd.com" ], - "mediasrc": [ + "manifest-src": [ + "'self'" + ], + "media-src": [ "'self'", "raw.githubusercontent.com", "i.imgur.com" ], - "objectsrc": [ + "object-src": [ "'none'" ], - "prefetchsrc": [ + "prefetch-src": [ "'self'" ], - "scriptsrc": [ + "script-src-elem": [ "'self'", "s.imgur.com", "platform.twitter.com" ], - "scriptsrcelem": [ + "script-src": [ "'self'", "s.imgur.com", "platform.twitter.com" ], - "stylesrc": [ + "style-src": [ "'self'", "'unsafe-inline'", "http://preview.test" ], - "connectsrc": [ + "worker-src": [ "'self'" ] }, -- cgit v1.2.3