From 324778c7e008128b8e9e1ea1699cd5250a81c73d Mon Sep 17 00:00:00 2001 From: Vincent Ambo <tazjin@gmail.com> Date: Sat, 14 Apr 2018 17:59:52 +0200 Subject: fix(templates): Set CSPs on templates --- templates/index.html | 1 + templates/new-thread.html | 1 + templates/thread.html | 1 + 3 files changed, 3 insertions(+) (limited to 'templates') diff --git a/templates/index.html b/templates/index.html index f499f4047e3b..35cfeba05023 100644 --- a/templates/index.html +++ b/templates/index.html @@ -3,6 +3,7 @@ <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> + <meta http-equiv="Content-Security-Policy" content="script-src 'self';"> <!-- Bootstrap CSS --> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous"> <title>Converse Index</title> diff --git a/templates/new-thread.html b/templates/new-thread.html index fec26fb5aa0b..855626b8e423 100644 --- a/templates/new-thread.html +++ b/templates/new-thread.html @@ -3,6 +3,7 @@ <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> + <meta http-equiv="Content-Security-Policy" content="script-src 'self';"> <!-- Bootstrap CSS --> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous"> <title>Converse Index</title> diff --git a/templates/thread.html b/templates/thread.html index 4909365a8005..6222b9926d6e 100644 --- a/templates/thread.html +++ b/templates/thread.html @@ -3,6 +3,7 @@ <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> + <meta http-equiv="Content-Security-Policy" content="script-src 'self';"> <!-- Bootstrap CSS --> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous"> <title>Converse: {{ title }}</title> -- cgit 1.4.1