Optimized CSP rules

2025-09-01 08:08:59 +02:00 · 2025-06-03 14:32:15 +02:00
parent cc9b634bb8
commit ebd74db3c4
27 changed files with 57 additions and 39 deletions
--- a/roles/docker-wordpress/vars/configuration.yml
+++ b/roles/docker-wordpress/vars/configuration.yml
@@ -20,7 +20,7 @@ csp:
  flags:
    style-src:
      unsafe-inline:  true
-    script-src:
+    script-src-elem:
      unsafe-inline:  true
      unsafe-eval:    true
  whitelist:
@@ -29,7 +29,7 @@ csp:
    font-src:
      - "data:"
      - "https://fonts.bunny.net"
-    script-src:
+    script-src-elem:
      - "https://cdn.gtranslate.net"
      - "blog.{{ primary_domain }}"
    style-src: