Halaman utama Jelajahi Bantuan
Daftar Masuk
a.druzhinin
/
hugo-coder
cermin dari https://github.com/luizdepra/hugo-coder.git
1
0
Fork 0
Berkas Masalah 0 Wiki
Jelajahi Sumber

Remove prefetch-src. (#883)

### Prerequisites

- [x] This pull request fixes a bug.
- [ ] This pull request adds a feature.
- [ ] This pull request introduces breaking change.

### Description

Removes (delimit .Site.Params.csp.prefetchsrc " ") from
layouts/partials/csp.html.

### Issues Resolved

#881

### Checklist

#### General

- [x] Describe what changes are being made
- [x] Explain why and how the changes were necessary and implemented
respectively
- [x] Reference issue with `#<ISSUE_NO>` if applicable

#### Resources

- [ ] If you have changed any SCSS code, run `make release` to
regenerate all CSS files

#### Contributors

- [x] Add yourself to `CONTRIBUTORS.md` if you aren't on it already
Sammy 1 tahun lalu
induk
41da7db701
melakukan
943d8597b5
2 mengubah file dengan 4 tambahan dan 3 penghapusan
Tampilan Split Tampilkan Statistik Diff
  1. 3 2
      docs/configurations.md
  2. 1 1
      layouts/partials/csp.html

+ 3 - 2
docs/configurations.md
Tampilan Berkas 

@@ -204,7 +204,7 @@ CSP stands for [Content Security Policy](https://developers.google.com/web/funda
 
 | objectsrc      | string list | Yes      |             | `["'self'"]`                    |
 
 | stylesrc       | string list | Yes      |             | `["'self'"]`                    |
 
 | scriptsrc      | string list | Yes      |             | `["'self'"]`                    |
 
-| prefetchsrc    | string list | Yes      |             | `["'self'"]`                    |
 
+| connectsrc     | string list | Yes      |             | `["'self'"]`                    |
 
 
 An example:
 
 
@@ -231,7 +231,8 @@ An example:
 
     "'unsafe-inline'",
 
     "https://www.google-analytics.com"
 
   ]
 
-  prefetchsrc = ["'self'"]
 
+  # connect-src directive – defines valid targets for XMLHttpRequest (AJAX), WebSockets or EventSource
 
+  connectsrc = ["'self'"]
 
 ```
 
 
 ## Complete Example

+ 1 - 1
layouts/partials/csp.html
Tampilan Berkas 

@@ -1 +1 @@
 
-{{ printf `<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests; block-all-mixed-content; default-src 'self'; child-src %s; font-src %s; form-action %s; frame-src %s; img-src %s; object-src %s; style-src %s; script-src %s; prefetch-src %s; connect-src %s;">` (delimit .Site.Params.csp.childsrc " ") (delimit .Site.Params.csp.fontsrc " ") (delimit .Site.Params.csp.formaction " ") (delimit .Site.Params.csp.framesrc " ") (delimit .Site.Params.csp.imgsrc " ") (delimit .Site.Params.csp.objectsrc " ") (delimit .Site.Params.csp.stylesrc " ") (delimit .Site.Params.csp.scriptsrc " ") (delimit .Site.Params.csp.prefetchsrc " ") (delimit .Site.Params.csp.connectsrc " ") | safeHTML }}
 
+{{ printf `<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests; block-all-mixed-content; default-src 'self'; child-src %s; font-src %s; form-action %s; frame-src %s; img-src %s; object-src %s; style-src %s; script-src %s; connect-src %s;">` (delimit .Site.Params.csp.childsrc " ") (delimit .Site.Params.csp.fontsrc " ") (delimit .Site.Params.csp.formaction " ") (delimit .Site.Params.csp.framesrc " ") (delimit .Site.Params.csp.imgsrc " ") (delimit .Site.Params.csp.objectsrc " ") (delimit .Site.Params.csp.stylesrc " ") (delimit .Site.Params.csp.scriptsrc " ") (delimit .Site.Params.csp.connectsrc " ") | safeHTML }}