Add content security policy meta tag in all html files

2020-04-01 09:32:13 +02:00 · 2020-04-01 09:32:13 +02:00 · 041d97154f
parent da0c444215
commit 041d97154f
3 changed files with 5 additions and 0 deletions
--- a/resources/empty.html
+++ b/resources/empty.html
@ -3,6 +3,7 @@
 <head>
    <meta charset="UTF-8">
    <title>Loading...</title>
+    <meta http-equiv="Content-Security-Policy" content="default-src 'none'">
 </head>

 <body>
--- a/resources/index.html
+++ b/resources/index.html
@ -4,6 +4,8 @@
    <meta charset="UTF-8">
    <title>Tabs</title>

+    <meta http-equiv="Content-Security-Policy" content="style-src 'self' 'unsafe-inline' https://use.fontawesome.com; font-src 'self' https://use.fontawesome.com; script-src 'self' 'unsafe-inline'">
+
    <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.8.2/css/all.css"
          integrity="sha384-oS3vJWv+0UjzBfQzYUhtDYW+Pj2yciDJxpsK1OYPAYjqT085Qq/1cq5FLXAZQ7Ay" crossorigin="anonymous">

--- a/resources/service-settings.html
+++ b/resources/service-settings.html
@ -4,6 +4,8 @@
    <meta charset="UTF-8">
    <title>Service settings</title>

+    <meta http-equiv="Content-Security-Policy" content="style-src 'self' 'unsafe-inline' https://use.fontawesome.com; font-src 'self' https://use.fontawesome.com; script-src 'self' 'unsafe-inline'">
+
    <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.8.2/css/all.css"
          integrity="sha384-oS3vJWv+0UjzBfQzYUhtDYW+Pj2yciDJxpsK1OYPAYjqT085Qq/1cq5FLXAZQ7Ay" crossorigin="anonymous">