updated csp

added stats icon

README.md

@@ -12,7 +12,7 @@ Website for sp-codes.de
 The following Parameters are set directly on the Web-Server.
 
 ```
-Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; font-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'none'
+Content-Security-Policy: default-src 'none'; script-src 'self' https://plausible.sp-codes.de; object-src 'none'; style-src 'self'; img-src 'self'; media-src 'none'; frame-src 'none'; font-src 'self'; connect-src 'self' https://plausible.sp-codes.de; require-trusted-types-for 'script'
 Referrer-Policy: same-origin
 Feature-Policy: sync-xhr 'self'
 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
@@ -21,4 +21,4 @@ X-Frame-Options: DENY
 X-XSS-Protection: 1; mode=block
 ```
 
-There is also a `301` Redirect from http to https.
+There is also a `301` Redirect from http to https.

sites/_includes/layouts/base.njk

@@ -75,7 +75,8 @@ title: sp-codes
         <div class="d-flex justify-content-sm-start flex-wrap">
             <div class="mr-3"><a href="/{{locale}}/imprint"><span class="fas fa-info-circle mr-2"></span>{{strings.imprint[locale]}}</a></div>
             <div class="mr-3"><a href="/{{locale}}/privacy"><span class="fas fa-user-secret mr-2"></span>{{strings.privacy[locale]}}</a></div>
-            <div><a target="_blank" href="https://git.sp-codes.de/samuel-p/sp-codes.de"><span class="fas fa-code mr-2"></span>Code</a></div>
+            <div class="mr-3"><a target="_blank" href="https://git.sp-codes.de/samuel-p/sp-codes.de"><span class="fas fa-code mr-2"></span>Code</a></div>
+            <div><a target="_blank" href="https://plausible.sp-codes.de/sp-codes.de"><span class="fas fa-chart-line mr-2"></span>Stats</a></div>
         </div>
     </div>
   </body>