From 06e59cfa35fcdd4e496984cacf3e7dd36fb3c54f Mon Sep 17 00:00:00 2001 From: Tommy Date: Wed, 22 Oct 2025 22:57:35 +0000 Subject: [PATCH] Fix style-src --- public/_headers | 3 ++- static/_headers | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/public/_headers b/public/_headers index e1891aa..139c96a 100644 --- a/public/_headers +++ b/public/_headers @@ -17,5 +17,6 @@ X-Permitted-Cross-Domain-Policies: none X-XSS-Protection: 0 + X-Frame-Options : DENY - Content-Security-Policy: default-src 'none'; connect-src 'self'; img-src 'self'; manifest-src 'self'; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; $style_src_type6; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; base-uri 'none' \ No newline at end of file + Content-Security-Policy: default-src 'none'; connect-src 'self'; img-src 'self'; manifest-src 'self'; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; base-uri 'none' \ No newline at end of file diff --git a/static/_headers b/static/_headers index 149fb7b..139c96a 100644 --- a/static/_headers +++ b/static/_headers @@ -19,4 +19,4 @@ X-XSS-Protection: 0 X-Frame-Options : DENY - Content-Security-Policy: default-src 'none'; connect-src 'self'; img-src 'self'; manifest-src 'self'; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; $style_src_type6; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; base-uri 'none' \ No newline at end of file + Content-Security-Policy: default-src 'none'; connect-src 'self'; img-src 'self'; manifest-src 'self'; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; base-uri 'none' \ No newline at end of file