commit d7b613433bf9a1a8a757aaa92d71723c71e04bfa
parent 65146b577a9e4f82ad6c14d15d34f36b6659b240
author: nathanael <nathanael@dalliard.ch>
date: Tue, 14 Oct 2025 22:41:31 +0000
s1: add script-src
diffstat:
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/s1/sysfiles/relayd.conf b/s1/sysfiles/relayd.conf
@@ -15,7 +15,7 @@ http protocol https {
match response header set "X-Frame-Options" value "deny"
match response header set "Referrer-Policy" value "no-referrer"
match response header set "Content-Security-Policy" value \
- "default-src 'self'; base-uri 'none'; img-src 'self' data:; form-action 'self'; frame-ancestors 'none'"
+ "default-src 'self'; base-uri 'none'; img-src 'self' data:; script-src 'self' 'unsafe-inline'; form-action 'self'; frame-ancestors 'none'"
match response header set "Permissions-Policy" value \
"geolocation=(), microphone=(), camera=()"
