From 3a30986356857d4174e1a656b978c06e99dfadaf Mon Sep 17 00:00:00 2001 From: Andrew Simonson Date: Tue, 24 Oct 2023 19:15:28 -0400 Subject: [PATCH] cry --- flask.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flask.conf b/flask.conf index 75fad48..9907a83 100644 --- a/flask.conf +++ b/flask.conf @@ -11,7 +11,7 @@ server { gzip_types text/plain text/javascript text/css; gunzip on; - add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudflare.com *.chesscomfiles.com *.chess.com *.googletagmanager.com cdn.jsdelivr.net www.google-analytics.com ajax.googleapis.com *.unpkg.com;"; + add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudflare.com *.chesscomfiles.com *.chess.com *.googletagmanager.com cdn.jsdelivr.net www.google-analytics.com ajax.googleapis.com unpkg.com *.unpkg.com;"; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; add_header X-Content-Type-Options 'nosniff'; add_header X-Frame-Options 'SAMEORIGIN';