Skip to content

Commit

Permalink
modify CSP for matomo overlay
Browse files Browse the repository at this point in the history
  • Loading branch information
@olaszakos
olaszakos committed Oct 19, 2023
1 parent 81979a1 commit 5adfc7f
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion static/.ic-assets.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
"match": "**/*",
"allow_raw_access": true,
"headers": {
"Content-Security-Policy": "default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.matomo.cloud https://widget.kapa.ai https://www.google.com https://www.gstatic.com;connect-src 'self' https://*.ic0.app https://ic0.app https://icp0.io https://*.icp0.io https://internetcomputer.matomo.cloud https://cdn.matomo.cloud ic-api.internetcomputer.org mxzaz-hqaaa-aaaar-qaada-cai.raw.ic0.app https://data.jsdelivr.com https://cdn.jsdelivr.net https://kapa-widget-proxy-la7dkmplpq-uc.a.run.app;img-src 'self' data: https:;style-src * 'unsafe-inline';style-src-elem * 'unsafe-inline';font-src * data:;object-src 'none';base-uri 'self';frame-src https://motoko.agorapp.dev https://www.google.com;frame-ancestors 'self' https://internetcomputer.matomo.cloud;form-action 'self' https://dfinity.us16.list-manage.com https://internetcomputer.org;upgrade-insecure-requests;",
"Content-Security-Policy": "default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://internetcomputer.matomo.cloud https://cdn.matomo.cloud https://widget.kapa.ai https://www.google.com https://www.gstatic.com;connect-src 'self' https://*.ic0.app https://ic0.app https://icp0.io https://*.icp0.io https://internetcomputer.matomo.cloud https://cdn.matomo.cloud ic-api.internetcomputer.org mxzaz-hqaaa-aaaar-qaada-cai.raw.ic0.app https://data.jsdelivr.com https://cdn.jsdelivr.net https://kapa-widget-proxy-la7dkmplpq-uc.a.run.app;img-src 'self' data: https:;style-src * 'unsafe-inline';style-src-elem * 'unsafe-inline';font-src * data:;object-src 'none';base-uri 'self';frame-src https://motoko.agorapp.dev https://www.google.com;frame-ancestors https://internetcomputer.matomo.cloud;form-action 'self' https://dfinity.us16.list-manage.com https://internetcomputer.org;upgrade-insecure-requests;",
"X-Frame-Options": "DENY",
"Referrer-Policy": "same-origin",
"Strict-Transport-Security": "max-age=31536000; includeSubDomains",
Expand Down

0 comments on commit 5adfc7f

Please sign in to comment.