-
Notifications
You must be signed in to change notification settings - Fork 38
Joël Charles edited this page Dec 7, 2016
·
1 revision
add_header Content-Security-Policy "default-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://platform.twitter.com https://api.twitter.com https://cdn.syndication.twimg.com https://gist.github.com; img-src * data:; style-src 'self' 'unsafe-inline' https://assets-cdn.github.com https://platform.twitter.com; font-src 'self'; child-src https://www.youtube.com https://jsfiddle.net https://player.twitch.tv https://w.soundcloud.com https://www.dailymotion.com https://embed.ted.com https://codepen.io https://ideone.com https://jsbin.com https://embed.plnkr.co https://embed.spotify.com; object-src 'none'; connect-src 'self' ws: wss: https://example.com";