fsdfds

2021-12-08 20:27:05 +02:00 · 2021-12-08 20:27:05 +02:00 · 412aac941b
commit 412aac941b
parent 2598f319e9
1 changed files with 1 additions and 1 deletions
--- a/files/main.py
+++ b/files/main.py
@ -125,7 +125,7 @@ def after_request(response):

 	response.headers.add("Strict-Transport-Security", "max-age=31536000")
 	response.headers.add("X-Frame-Options", "deny")
-	response.headers.add("Content-Security-Policy", "script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com static.cloudflareinsights.com; connect-src 'self' cloudflareinsights.co *.pusher.com;")
+	response.headers.add("Content-Security-Policy", "script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com static.cloudflareinsights.com; connect-src 'self' cloudflareinsights.co *.pusher.com;object-src 'none';")
 	return response