web: quentin: add CSP

author: Quentin Aristote <quentin@aristote.fr> 2023-02-23 19:16:25 +0100
committer: Quentin Aristote <quentin@aristote.fr> 2023-02-23 19:16:25 +0100
commit: 64e6ce3660853783e839f669aafeeacbe94f7571 (patch)
tree: 8d5e96b91fbc44c91e90361c4b1d8f4d8be0bd1a
parent: 17b745d36f51d37cbfb0640b353d7d1f52205f0d (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/config/services/web/quentin/default.nix b/config/services/web/quentin/default.nix
index 4a908f5..66628a9 100644
--- a/config/services/web/quentin/default.nix
+++ b/config/services/web/quentin/default.nix
@@ -8,6 +8,7 @@
     enableACME = true;
     extraConfig = ''
       add_header Cache-Control no-cache;
+      add_header Content-Security-Policy "default-src 'none'; form-action 'none'; frame-ancestors 'none'; font-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline';";
     '';
   };
author	Quentin Aristote <quentin@aristote.fr>	2023-02-23 19:16:25 +0100
committer	Quentin Aristote <quentin@aristote.fr>	2023-02-23 19:16:25 +0100
commit	64e6ce3660853783e839f669aafeeacbe94f7571 (patch)
tree	8d5e96b91fbc44c91e90361c4b1d8f4d8be0bd1a
parent	17b745d36f51d37cbfb0640b353d7d1f52205f0d (diff)