Skip to content

Commit

Permalink
Add hashes for Privacy Badger injected scripts #csp
Browse files Browse the repository at this point in the history 
Privacy Badger version 2018.04.23:

- 'sha256-kNsowQfHpWMrbQG7AtSzSuMQg2t/YKwmDWdqeKfm4BI='
- 'sha256-afSIEhWGAPlY458Q4YkhPLVnsVEBh/u5YNlpg6od8TU='

- EFForg/privacybadger#1793 (comment)
- https://gitlab.com/kaushalmodi/kaushalmodi.gitlab.io/blob/29fc983ac72fa886ac39bff6b46dc7e426cb993b/netlify.toml#L174-199
  • Loading branch information
@kaushalmodi
kaushalmodi committed Apr 30, 2018
1 parent eb82766 commit cf05d9f
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 2 deletions.
3 changes: 2 additions & 1 deletion doc/static/_headers
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,5 +47,6 @@
X-Content-Type-Options: nosniff

# Content Security Policy
## Hashes for Privacy Badger injected scripts: https://gitlab.com/kaushalmodi/kaushalmodi.gitlab.io/blob/29fc983ac72fa886ac39bff6b46dc7e426cb993b/netlify.toml#L174-199
/*
Content-Security-Policy: default-src 'none'; script-src 'self' 'sha256-O+U/ptNNoUqEhNU1BSkb7izMavM1GxrvRrabNX8WTKE=' 'sha256-YiWMVJIplziLxmHOI6iqs51JQS9W2hg1wDsKBD3u09g=' 'sha256-Zgc2pp+yOmAVogxvTHYBMFKubY0HKk2a0+0+8sX17WY=' https://cdnjs.cloudflare.com/ajax/libs/mathjax/ https://d33wubrfki0l68.cloudfront.net/js/ https://cdn.datatables.net 'unsafe-inline'; object-src 'none'; style-src 'self' https://d33wubrfki0l68.cloudfront.net https://cdn.rawgit.com/kaushalmodi/iosevka-mirror/ https://cdn.datatables.net 'unsafe-inline'; img-src 'self' https://d33wubrfki0l68.cloudfront.net https://api.travis-ci.org/kaushalmodi/ https://cdn.datatables.net; font-src 'self' about: data: https://cdnjs.cloudflare.com/ajax/libs/mathjax/ https://cdn.rawgit.com/kaushalmodi/iosevka-mirror/; connect-src 'self'; manifest-src 'self'; media-src 'none'; frame-src https://ghbtns.com; form-action 'self'; frame-ancestors 'none'; base-uri 'self'; block-all-mixed-content; report-uri https://c571407e2c6d71ed2021633b7fdad0de.report-uri.com/r/d/csp/enforce;
Content-Security-Policy: default-src 'none'; script-src 'self' 'sha256-O+U/ptNNoUqEhNU1BSkb7izMavM1GxrvRrabNX8WTKE=' 'sha256-YiWMVJIplziLxmHOI6iqs51JQS9W2hg1wDsKBD3u09g=' 'sha256-Zgc2pp+yOmAVogxvTHYBMFKubY0HKk2a0+0+8sX17WY=' 'sha256-kNsowQfHpWMrbQG7AtSzSuMQg2t/YKwmDWdqeKfm4BI=' 'sha256-afSIEhWGAPlY458Q4YkhPLVnsVEBh/u5YNlpg6od8TU=' https://cdnjs.cloudflare.com/ajax/libs/mathjax/ https://d33wubrfki0l68.cloudfront.net/js/ https://cdn.datatables.net 'unsafe-inline'; object-src 'none'; style-src 'self' https://d33wubrfki0l68.cloudfront.net https://cdn.rawgit.com/kaushalmodi/iosevka-mirror/ https://cdn.datatables.net 'unsafe-inline'; img-src 'self' https://d33wubrfki0l68.cloudfront.net https://api.travis-ci.org/kaushalmodi/ https://cdn.datatables.net; font-src 'self' about: data: https://cdnjs.cloudflare.com/ajax/libs/mathjax/ https://cdn.rawgit.com/kaushalmodi/iosevka-mirror/; connect-src 'self'; manifest-src 'self'; media-src 'none'; frame-src https://ghbtns.com; form-action 'self'; frame-ancestors 'none'; base-uri 'self'; block-all-mixed-content; report-uri https://c571407e2c6d71ed2021633b7fdad0de.report-uri.com/r/d/csp/enforce;
2 changes: 1 addition & 1 deletion test/site/themes/bare_min
Submodule bare_min updated 1 files
+2 −0 archetypes/.gitkeep

0 comments on commit cf05d9f

Please sign in to comment.