Browse Source

updated csp

added stats icon
pull/19/head
Samuel Philipp 4 months ago
parent
commit
0780afbb2e
2 changed files with 4 additions and 3 deletions
  1. + 2
    - 2
      README.md
  2. + 2
    - 1
      sites/_includes/layouts/base.njk

+ 2
- 2
README.md

@ -12,7 +12,7 @@ Website for sp-codes.de
The following Parameters are set directly on the Web-Server.
```
Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; font-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'none'
Content-Security-Policy: default-src 'none'; script-src 'self' https://plausible.sp-codes.de; object-src 'none'; style-src 'self'; img-src 'self'; media-src 'none'; frame-src 'none'; font-src 'self'; connect-src 'self' https://plausible.sp-codes.de; require-trusted-types-for 'script'
Referrer-Policy: same-origin
Feature-Policy: sync-xhr 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
@ -21,4 +21,4 @@ X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
```
There is also a `301` Redirect from http to https.
There is also a `301` Redirect from http to https.

+ 2
- 1
sites/_includes/layouts/base.njk

@ -75,7 +75,8 @@ title: sp-codes
<div class="d-flex justify-content-sm-start flex-wrap">
<div class="mr-3"><a href="/{{locale}}/imprint"><span class="fas fa-info-circle mr-2"></span>{{strings.imprint[locale]}}</a></div>
<div class="mr-3"><a href="/{{locale}}/privacy"><span class="fas fa-user-secret mr-2"></span>{{strings.privacy[locale]}}</a></div>
<div><a target="_blank" href="https://git.sp-codes.de/samuel-p/sp-codes.de"><span class="fas fa-code mr-2"></span>Code</a></div>
<div class="mr-3"><a target="_blank" href="https://git.sp-codes.de/samuel-p/sp-codes.de"><span class="fas fa-code mr-2"></span>Code</a></div>
<div><a target="_blank" href="https://plausible.sp-codes.de/sp-codes.de"><span class="fas fa-chart-line mr-2"></span>Stats</a></div>
</div>
</div>
</body>

Loading…
Cancel
Save