diff options
| author | Quentin Aristote <quentin@aristote.fr> | 2023-02-23 19:16:25 +0100 |
|---|---|---|
| committer | Quentin Aristote <quentin@aristote.fr> | 2023-02-23 19:16:25 +0100 |
| commit | 64e6ce3660853783e839f669aafeeacbe94f7571 (patch) | |
| tree | 8d5e96b91fbc44c91e90361c4b1d8f4d8be0bd1a /config/services | |
| parent | 17b745d36f51d37cbfb0640b353d7d1f52205f0d (diff) | |
web: quentin: add CSP
Diffstat (limited to 'config/services')
| -rw-r--r-- | config/services/web/quentin/default.nix | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/config/services/web/quentin/default.nix b/config/services/web/quentin/default.nix index 4a908f5..66628a9 100644 --- a/config/services/web/quentin/default.nix +++ b/config/services/web/quentin/default.nix @@ -8,6 +8,7 @@ enableACME = true; extraConfig = '' add_header Cache-Control no-cache; + add_header Content-Security-Policy "default-src 'none'; form-action 'none'; frame-ancestors 'none'; font-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline';"; ''; }; |