Skip to content

Commit 6a32de7

Browse files
kp-catkp-cat
authored
Update _headers (#558)
1 parent 0acb028 commit 6a32de7

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

website/_headers

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,4 +9,4 @@
99
Cross-Origin-Opener-Policy: same-origin
1010
Cross-Origin-Resource-Policy: same-origin
1111
Cross-Origin-Embedder-Policy: credentialless
12-
Content-Security-Policy: default-src 'none'; frame-src 'self' https://*.configcat.com https://www.google.com https://challenges.cloudflare.com https://www.youtube.com https://*.googletagmanager.com https://td.doubleclick.net; script-src 'self' 'unsafe-inline' https://*.configcat.com https://*.googletagmanager.com https://googletagmanager.com https://tagmanager.google.com https://*.google-analytics.com https://www.google.com https://www.gstatic.com https://challenges.cloudflare.com https://*.cloudflareinsights.com https://*.cello.so https://*.smartlook.com; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com https://fonts.googleapis.com https://googletagmanager.com https://tagmanager.google.com https://use.typekit.net https://p.typekit.net https://www.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://use.typekit.net; img-src 'self' data: https://*.configcat.com https://*.google-analytics.com https://*.google.com https://*.googletagmanager.com https://codecov.io https://img.shields.io https://github.com https://snyk.io https://sonarcloud.io https://data.jsdelivr.com https://maven-badges.herokuapp.com https://javadoc.io https://ci.appveyor.com https://buildstats.info https://goreportcard.com https://godoc.org https://poser.pugx.org https://badge.fury.io https://coveralls.io https://pkg.go.dev https://s3.amazonaws.com https://*.cloudfront.net https://img.youtube.com https://thepracticaldev.s3.amazonaws.com https://raw.githubusercontent.com https://blog.ladeak.net; media-src 'self'; connect-src 'self' https://*.configcat.com https://*.googletagmanager.com https://*.google-analytics.com https://*.analytics.google.com https://*.g.doubleclick.net https://*.google.com https://*.amplitude.com https://*.cloudflareinsights.com https://*.algolia.net https://*.cello.so https://*.smartlook.com https://*.smartlook.cloud; object-src 'self'; child-src 'self' blob:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'; manifest-src 'self';
12+
Content-Security-Policy: default-src 'none'; frame-src 'self' https://*.configcat.com https://www.google.com https://challenges.cloudflare.com https://www.youtube.com https://*.googletagmanager.com https://td.doubleclick.net; script-src 'self' 'unsafe-inline' https://*.configcat.com https://*.googletagmanager.com https://googletagmanager.com https://tagmanager.google.com https://*.google-analytics.com https://www.google.com https://www.gstatic.com https://challenges.cloudflare.com https://*.cloudflareinsights.com https://*.cello.so https://*.smartlook.com https://snap.licdn.com; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com https://fonts.googleapis.com https://googletagmanager.com https://tagmanager.google.com https://use.typekit.net https://p.typekit.net https://www.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://use.typekit.net; img-src 'self' data: https://*.configcat.com https://*.google-analytics.com https://*.google.com https://*.googletagmanager.com https://codecov.io https://img.shields.io https://github.com https://snyk.io https://sonarcloud.io https://data.jsdelivr.com https://maven-badges.herokuapp.com https://javadoc.io https://ci.appveyor.com https://buildstats.info https://goreportcard.com https://godoc.org https://poser.pugx.org https://badge.fury.io https://coveralls.io https://pkg.go.dev https://s3.amazonaws.com https://*.cloudfront.net https://img.youtube.com https://thepracticaldev.s3.amazonaws.com https://raw.githubusercontent.com https://blog.ladeak.net https://px.ads.linkedin.com; media-src 'self'; connect-src 'self' https://*.configcat.com https://*.googletagmanager.com https://*.google-analytics.com https://*.analytics.google.com https://*.g.doubleclick.net https://*.google.com https://*.amplitude.com https://*.cloudflareinsights.com https://*.algolia.net https://*.cello.so https://*.smartlook.com https://*.smartlook.cloud; object-src 'self'; child-src 'self' blob:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'; manifest-src 'self';

0 commit comments

Comments
 (0)