mirror/Hangar
2
0
Fork 0
mirror of https://github.com/HangarMC/Hangar.git synced 2025-03-13 15:39:18 +08:00
Code Issues Packages Projects Releases Wiki Activity

add google analytics to CSP Header

Browse Source
This commit is contained in:
Jake Potrebic 2020-12-20 18:40:17 -08:00
parent e2ac4f8c4a
commit bfd1c667d0
No known key found for this signature in database
GPG Key ID: 7C58557EC9C421F8
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/io/papermc/hangar/controller/filters/ContentSecurityPolicyFilter.java
View File

@ -20,7 +20,7 @@ public class ContentSecurityPolicyFilter extends OncePerRequestFilter {
public final HangarConfig hangarConfig;
// TODO check this
private static final String CSP = "default-src 'self' {additional-uris} fonts.googleapis.com; style-src fonts.googleapis.com 'self' {additional-uris} 'unsafe-inline'; font-src fonts.gstatic.com; script-src {additional-uris} 'self' 'nonce-{nonce}' 'unsafe-eval'; img-src 'self' data: papermc.io paper.readthedocs.io {additional-uris} {auth-uri}; manifest-src {manifest-uri}; prefetch-src {prefetch-uri}; media-src {prefetch-uri}; object-src 'none'; block-all-mixed-content; frame-ancestors 'none'; base-uri 'none'";
private static final String CSP = "default-src 'self' https://google-analytics.com {additional-uris} fonts.googleapis.com; style-src fonts.googleapis.com 'self' {additional-uris} 'unsafe-inline'; font-src fonts.gstatic.com; script-src {additional-uris} 'self' 'nonce-{nonce}' 'unsafe-eval'; img-src 'self' data: papermc.io paper.readthedocs.io {additional-uris} {auth-uri}; manifest-src {manifest-uri}; prefetch-src {prefetch-uri}; media-src {prefetch-uri}; object-src 'none'; block-all-mixed-content; frame-ancestors 'none'; base-uri 'none'";
@Autowired
public ContentSecurityPolicyFilter(HangarConfig hangarConfig) {