Skip to content

Commit

Permalink
Add frame-ancestor and cloudflare insights to CSP
Browse files Browse the repository at this point in the history
  • Loading branch information
@elifmeric
elifmeric committed Nov 5, 2024
1 parent 37a9aa3 commit a081c8a
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions src/prpl.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -137,6 +137,7 @@ export function makeHandler(root?: string, config?: Config): (
"https://digiavantaj.cake.aclz.net",
"*.efilli.com",
"https://analytics.tiktok.com",
"*.cloudflareinsights.com"
];

const frameSrcAllowedHosts = [
Expand Down Expand Up @@ -293,6 +294,7 @@ export function makeHandler(root?: string, config?: Config): (
+ "font-src 'self' data: https://fonts.gstatic.com ; "
+ `img-src data: blob: 'self' 'unsafe-inline' https://*.migrosone.com ${imageSrcAllowedHosts.join(' ')} ; `
+ `frame-src ${frameSrcAllowedHosts.join(' ')} ; `
+ "frame-ancestor 'self https://*.migros.com.tr"
+ `style-src 'self' 'unsafe-inline' ${styleSrcAllowedHosts.join(' ')} ;`
+ `manifest-src 'self' ; `
+ "worker-src 'self' blob: ;"
Expand Down

0 comments on commit a081c8a

Please sign in to comment.