Skip to content

Commit d3242da

Browse files
philwarehamphilwareham
committed
Allow GitHub API connection in CSP
1 parent d996de0 commit d3242da

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

src/docs/htaccess.txt

+1-1
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@
1515
Header always set X-XSS-Protection "1; mode=block"
1616
Header always set X-Frame-Options "DENY"
1717
Header always set X-Content-Type-Options "nosniff"
18-
Header set Content-Security-Policy "default-src 'self'; font-src textpattern.io https://textpattern.io; img-src 'self' data: * https://*; media-src 'self' * https://*; style-src 'self' 'unsafe-inline' textpattern.io https://textpattern.io; script-src 'self' 'sha256-YYScNyq3RC/7G7GRTG1R3s34wQFeFysoFR64eLJ0lsQ=' textpattern.io https://textpattern.io"
18+
Header set Content-Security-Policy "default-src 'self'; font-src textpattern.io https://textpattern.io; img-src 'self' data: * https://*; media-src 'self' * https://*; style-src 'self' 'unsafe-inline' textpattern.io https://textpattern.io; script-src 'self' 'sha256-YYScNyq3RC/7G7GRTG1R3s34wQFeFysoFR64eLJ0lsQ=' textpattern.io https://textpattern.io; connect-src 'self' api.github.com https://api.github.com"
1919

2020
# Expect-CT (TODO: currently in testing).
2121

0 commit comments

Comments
 (0)