1
0
Fork 0

[FIX] CSP issues with panel widgets fixed

This commit is contained in:
Jannik Beyerstedt 2016-10-16 11:22:05 +02:00
parent 57f811dbe9
commit 5b294abf9f

View file

@ -1,5 +1,7 @@
<?php <?php
header("Content-Security-Policy: default-src 'self'; style-src 'self' 'nonce-nRfqpuKWNuYyUAFPTr6WVNZk9' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; frame-src https://www.youtube-nocookie.com; script-src 'self' 'unsafe-eval' 'nonce-nRfqpuKWNuYyUAFPTr6WVNZk9' https://jannikb.aquila.uberspace.de/piwik/; img-src 'self' https://jannikb.aquila.uberspace.de/piwik/"); if(!function_exists('panel')) {
header("Content-Security-Policy: default-src 'self'; style-src 'self' 'nonce-nRfqpuKWNuYyUAFPTr6WVNZk9' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; frame-src https://www.youtube-nocookie.com; script-src 'self' 'unsafe-eval' 'nonce-nRfqpuKWNuYyUAFPTr6WVNZk9' https://jannikb.aquila.uberspace.de/piwik/; img-src 'self' https://jannikb.aquila.uberspace.de/piwik/");
}
//header("X-Content-Type-Options: nosniff"); // enabled at server-side //header("X-Content-Type-Options: nosniff"); // enabled at server-side
//header("X-Frame-Options: deny"); // enabled at server-side //header("X-Frame-Options: deny"); // enabled at server-side
//header("X-Xss-Protection: 1; mode=block"); // enabled at server-side //header("X-Xss-Protection: 1; mode=block"); // enabled at server-side