

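  {{- /*
  CSP partial: emits a Content-Security-Policy <meta> tag.

  - `disable_csp` (looked up with .Param, i.e. page front matter first, then site params)
    set to true suppresses the tag entirely.
  - When site params define `security.csp.directives`, every directive is assembled from
    the site-level list followed by the page-level list of the same key
    (.Params.security.csp.directives.<key>); a key missing at site level falls back to the
    default shown in its else branch.
    NOTE(review): page-level entries are only appended when the same key is set at site
    level — a page-only directive is ignored and the default is used instead; confirm that
    is intended.
  - Values are emitted through safeHTML, which bypasses Hugo's attribute escaping, so they
    must come from trusted site/page configuration: a value containing a double quote would
    terminate the content attribute.
  - Each list entry is emitted as " value" (leading space); the directives are joined with
    ";" and every list item is whitespace-separated, as CSP requires.
  */ -}}
  {{ $is_disabled := .Param "disable_csp" }}
  {{ $site_directives := .Site.Params.security.csp.directives }}
  {{ if and $site_directives (ne $is_disabled true) }}
  {{- /* An empty directives map is already falsy for `and` above, so this length check
  appears redundant; kept for safety. */ -}}
  {{ if ge (len $site_directives) 1 }}
  <meta
  http-equiv="Content-Security-Policy"
  content="default-src{{ if $site_directives.defaultsrc }}
  {{- range $site_directives.defaultsrc }} {{ . | safeHTML }}{{ end -}}
  {{- range .Params.security.csp.directives.defaultsrc }} {{ . | safeHTML }}{{ end -}}
  {{ else }} 'none'{{ end }};connect-src{{ if $site_directives.connectsrc }}
  {{- range $site_directives.connectsrc }} {{ . | safeHTML }}{{ end -}}
  {{- range .Params.security.csp.directives.connectsrc }} {{ . | safeHTML }}{{ end -}}
  {{ else }} 'self'{{ end }};font-src{{ if $site_directives.fontsrc }}
  {{- range $site_directives.fontsrc }} {{ . | safeHTML }}{{ end -}}
  {{- range .Params.security.csp.directives.fontsrc }} {{ . | safeHTML }}{{ end -}}
  {{ else }} 'self'{{ end }};media-src{{ if $site_directives.mediasrc }}
  {{- range $site_directives.mediasrc }} {{ . | safeHTML }}{{ end -}}
  {{- range .Params.security.csp.directives.mediasrc }} {{ . | safeHTML }}{{ end -}}
  {{ else }} 'self'{{ end }};img-src{{ if $site_directives.imgsrc }}
  {{- range $site_directives.imgsrc }} {{ . | safeHTML }}{{ end -}}
  {{- range .Params.security.csp.directives.imgsrc }} {{ . | safeHTML }}{{ end -}}
  {{ else }} 'self' data:{{ end }};script-src{{ if $site_directives.scriptsrc }}
  {{- range $site_directives.scriptsrc }} {{ . | safeHTML }}{{ end -}}
  {{- range .Params.security.csp.directives.scriptsrc }} {{ . | safeHTML }}{{ end -}}
  {{ else }} 'none'{{ end }};style-src{{ if $site_directives.stylesrc }}
  {{- range $site_directives.stylesrc }} {{ . | safeHTML }}{{ end -}}
  {{- range .Params.security.csp.directives.stylesrc }} {{ . | safeHTML }}{{ end -}}
  {{ else }} 'self' 'unsafe-inline'{{ end }};frame-src{{ if $site_directives.framesrc }}
  {{- range $site_directives.framesrc }} {{ . | safeHTML }}{{ end -}}
  {{- range .Params.security.csp.directives.framesrc }} {{ . | safeHTML }}{{ end -}}
  {{ else }} 'self'{{ end }};object-src{{ if $site_directives.objectsrc }}
  {{- range $site_directives.objectsrc }} {{ . | safeHTML }}{{ end -}}
  {{- range .Params.security.csp.directives.objectsrc }} {{ . | safeHTML }}{{ end -}}
  {{ else }} 'none'{{ end }};">
  {{ end }}
  {{ else if not $is_disabled }}
  {{/* Fallback used when no site-level directives are configured. This policy is
  permissive: default-src admits any https: origin plus 'unsafe-inline' and 'unsafe-eval',
  so it gives little protection against injected inline scripts; define
  security.csp.directives in site params to tighten it. */ -}}
  <meta http-equiv="Content-Security-Policy" content="default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'">
  {{ end }}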