From 8896b0143419597fe886a68c57d6ee1aea6e7b87 Mon Sep 17 00:00:00 2001 From: Joshua Ramon Enslin Date: Fri, 3 Jul 2020 18:11:52 +0200 Subject: [PATCH] Harden .htaccess phpcs-errors:238 phpunit-status:successful --- .htaccess | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.htaccess b/.htaccess index 0e595c8..af7ba0c 100644 --- a/.htaccess +++ b/.htaccess @@ -29,6 +29,6 @@ DirectoryIndex index.php AddDefaultCharset UTF-8 # Set content and feature security headers -Header set Content-Security-Policy "default-src 'self'; connect-src 'self'; script-src 'self' https://*.jrenslin.de; img-src 'self' https:; media-src 'self' https:; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self';" -Header set Feature-Policy "midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'self'; gyroscope 'self'; speaker *; payment 'none'; fullscreen 'self'; geolocation 'none';" +Header set Content-Security-Policy "default-src 'none'; connect-src 'none'; script-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'none'; frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self';" +Header set Feature-Policy "midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker *; payment 'none'; fullscreen 'none'; geolocation 'none';"