mirror of
https://github.com/DarrenOfficial/dpaste.git
synced 2024-11-23 11:56:36 +11:00
CSP - Upstream Patch (#239)
* Remove 32bit Docker does not support 32bit anymore. * Fix CSP mistake from 6 years ago. https://content-security-policy.com/unsafe-inline/ * CSP Vun oversight fix
This commit is contained in:
parent
6856572a5d
commit
2ed25cc843
2 changed files with 4 additions and 3 deletions
2
.github/workflows/docker.yml
vendored
2
.github/workflows/docker.yml
vendored
|
@ -59,6 +59,6 @@ jobs:
|
||||||
builder: ${{ steps.buildx.outputs.name }}
|
builder: ${{ steps.buildx.outputs.name }}
|
||||||
context: .
|
context: .
|
||||||
file: ./Dockerfile
|
file: ./Dockerfile
|
||||||
platforms: linux/amd64,linux/arm64,linux/ppc64le,linux/i386
|
platforms: linux/amd64,linux/arm64,linux/ppc64le
|
||||||
push: true
|
push: true
|
||||||
tags: ${{ steps.prep.outputs.tags }}
|
tags: ${{ steps.prep.outputs.tags }}
|
||||||
|
|
|
@ -116,8 +116,9 @@ SECURE_BROWSER_XSS_FILTER = True
|
||||||
SECURE_CONTENT_TYPE_NOSNIFF = True
|
SECURE_CONTENT_TYPE_NOSNIFF = True
|
||||||
|
|
||||||
CSP_DEFAULT_SRC = ("'none'",)
|
CSP_DEFAULT_SRC = ("'none'",)
|
||||||
CSP_SCRIPT_SRC = ("'self'", "'unsafe-inline'")
|
# If you edit the CSS/JS update your 256 HASH here.
|
||||||
CSP_STYLE_SRC = ("'self'", "'unsafe-inline'")
|
CSP_SCRIPT_SRC = ("'self'", "'unsafe-hashes'", "'sha256-634c702966ae36dcd81fe7a4c4756413be3b77af4f4a820651faecd1db1ab26a'",)
|
||||||
|
CSP_STYLE_SRC = ("'self'", "'unsafe-hashes'", "'sha256-7ac9cd7ab2811dac84cdc031d0acf0f355a2ab619f633b857f6db5b4c2b45361'")
|
||||||
|
|
||||||
LOGGING = {
|
LOGGING = {
|
||||||
"version": 1,
|
"version": 1,
|
||||||
|
|
Loading…
Reference in a new issue