fix cdn use and nginx restrict cdn

2025-06-13 16:52:37 +07:00
parent 4517f7efcb
commit e9566d4c8a
3 changed files with 18 additions and 13 deletions
--- a/docker/nginx.conf
+++ b/docker/nginx.conf
@@ -82,5 +82,5 @@ server {
    add_header X-XSS-Protection "1; mode=block" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header Referrer-Policy "no-referrer-when-downgrade" always;
-    add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;
+    add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://cdn.datatables.net https://maps.google.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.datatables.net; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:;" always;
 }