aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--content/articles/site-backend.md6
-rw-r--r--static/files/articles/site-backend/pablotron.org.conf.txt6
2 files changed, 12 insertions, 0 deletions
diff --git a/content/articles/site-backend.md b/content/articles/site-backend.md
index ca36b2d..673c20d 100644
--- a/content/articles/site-backend.md
+++ b/content/articles/site-backend.md
@@ -297,6 +297,12 @@ redirects removed:
Header set Cache-Control "max-age=31536000, public"
</FilesMatch>
+ # allow style-src-attr unsafe-inline for svgs
+ # (without this svgs do not render in firefox)
+ <FilesMatch "\.svg$">
+ Header set "Content-Security-Policy" "default-src 'self'; img-src 'self'; style-src-attr 'self' 'unsafe-inline'"
+ </FilesMatch>
+
# expose webhook
<Location /hooks/>
ProxyPass "http://localhost:9000/"
diff --git a/static/files/articles/site-backend/pablotron.org.conf.txt b/static/files/articles/site-backend/pablotron.org.conf.txt
index b2c498b..97a60d2 100644
--- a/static/files/articles/site-backend/pablotron.org.conf.txt
+++ b/static/files/articles/site-backend/pablotron.org.conf.txt
@@ -35,6 +35,12 @@
Header set Cache-Control "max-age=31536000, public"
</FilesMatch>
+ # allow style-src-attr unsafe-inline for svgs
+ # (without this svgs do not render in firefox)
+ <FilesMatch "\.svg$">
+ Header set "Content-Security-Policy" "default-src 'self'; img-src 'self'; style-src-attr 'self' 'unsafe-inline'"
+ </FilesMatch>
+
# expose webhook
<Location /hooks/>
ProxyPass "http://localhost:9000/"