diff options
| author | Paul Duncan <pabs@pablotron.org> | 2024-06-03 10:57:43 -0400 |
|---|---|---|
| committer | Paul Duncan <pabs@pablotron.org> | 2024-06-03 10:57:43 -0400 |
| commit | 14b9a10eb685c8d150d14c25615589715d425db3 (patch) | |
| tree | 52a0743680c3860ed1a23a51c156bd352f315be6 /static | |
| parent | cdfb6304a84aa2dd6c4039835b14f361755441a7 (diff) | |
| download | pablotron.org-14b9a10eb685c8d150d14c25615589715d425db3.tar.bz2 pablotron.org-14b9a10eb685c8d150d14c25615589715d425db3.zip | |
content/articles/site-backend.md: add content-security-policy style-src-attr exception so viewing svgs works properly in firefox
Diffstat (limited to 'static')
| -rw-r--r-- | static/files/articles/site-backend/pablotron.org.conf.txt | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/static/files/articles/site-backend/pablotron.org.conf.txt b/static/files/articles/site-backend/pablotron.org.conf.txt index b2c498b..97a60d2 100644 --- a/static/files/articles/site-backend/pablotron.org.conf.txt +++ b/static/files/articles/site-backend/pablotron.org.conf.txt @@ -35,6 +35,12 @@ Header set Cache-Control "max-age=31536000, public" </FilesMatch> + # allow style-src-attr unsafe-inline for svgs + # (without this svgs do not render in firefox) + <FilesMatch "\.svg$"> + Header set "Content-Security-Policy" "default-src 'self'; img-src 'self'; style-src-attr 'self' 'unsafe-inline'" + </FilesMatch> + # expose webhook <Location /hooks/> ProxyPass "http://localhost:9000/" |