mirror of
https://github.com/QuivrHQ/quivr.git
synced 2024-12-15 01:21:48 +03:00
✨ add github mediasource in security headers (#551)
This commit is contained in:
parent
3ba2c92b50
commit
abe7cca902
@ -18,6 +18,7 @@ const ContentSecurityPolicy = `
|
|||||||
default-src 'self' https://fonts.googleapis.com ${process.env.NEXT_PUBLIC_SUPABASE_URL} https://api.june.so https://www.quivr.app/;
|
default-src 'self' https://fonts.googleapis.com ${process.env.NEXT_PUBLIC_SUPABASE_URL} https://api.june.so https://www.quivr.app/;
|
||||||
connect-src 'self' ${process.env.NEXT_PUBLIC_SUPABASE_URL} ${process.env.NEXT_PUBLIC_BACKEND_URL} https://api.june.so;
|
connect-src 'self' ${process.env.NEXT_PUBLIC_SUPABASE_URL} ${process.env.NEXT_PUBLIC_BACKEND_URL} https://api.june.so;
|
||||||
img-src 'self' data:;
|
img-src 'self' data:;
|
||||||
|
media-src 'self' https://user-images.githubusercontent.com;
|
||||||
script-src 'unsafe-inline' 'unsafe-eval' https://va.vercel-scripts.com/ https://www.quivr.app/;
|
script-src 'unsafe-inline' 'unsafe-eval' https://va.vercel-scripts.com/ https://www.quivr.app/;
|
||||||
frame-ancestors 'none';
|
frame-ancestors 'none';
|
||||||
style-src 'unsafe-inline' https://www.quivr.app/;
|
style-src 'unsafe-inline' https://www.quivr.app/;
|
||||||
|
Loading…
Reference in New Issue
Block a user