security/hakurei.app
5
1
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases 4 Wiki Activity

set up SRI for future use by CSP v3

Browse Source
This commit is contained in:
Daniel Micay
2021-11-18 18:50:44 -05:00
parent 61e1358202
commit 75f4b33323
24 changed files with 109 additions and 100 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
nginx/nginx.conf
View File

@@ -74,7 +74,7 @@ http {
map $http_cookie $preload_resources {
"~*__Host-preload=1" "";
default "</main.css>; rel=preload; as=style, </fonts/roboto-v20-regular-latin.woff2>; rel=preload; as=font; crossorigin, </fonts/roboto-v20-bold-latin.woff2>; rel=preload; as=font; crossorigin, </mask-icon.svg>; rel=preload; as=image";
default "<{{path|/main.css}}>; rel=preload; as=style, </fonts/roboto-v20-regular-latin.woff2>; rel=preload; as=font; crossorigin, </fonts/roboto-v20-bold-latin.woff2>; rel=preload; as=font; crossorigin, <{{path|/mask-icon.svg}}>; rel=preload; as=image";
}
server {
@@ -259,7 +259,7 @@ http {
add_header Cache-Control "public, max-age=604800";
}
location = /mask-icon.svg {
location = {{path|/mask-icon.svg}} {
include snippets/security-headers.conf;
add_header Cross-Origin-Resource-Policy "same-origin" always;
add_header Cache-Control "public, max-age=31536000, immutable";