From 2a681f005f3d62a49c2bda293f7289824ad73e7d Mon Sep 17 00:00:00 2001 From: welpo Date: Mon, 13 Mar 2023 15:44:21 +0100 Subject: [PATCH] =?UTF-8?q?=F0=9F=93=9D=20docs:=20replace=20"last=20lines"?= =?UTF-8?q?=20to=20"last=20directive"?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- content/blog/security.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/content/blog/security.md b/content/blog/security.md index a6e84a5..efac83c 100644 --- a/content/blog/security.md +++ b/content/blog/security.md @@ -1,6 +1,7 @@ +++ title = "Secure by default" date = 2023-02-22 +updated = 2023-03-13 description = "tabi has an easily customizable Content Security Policy (CSP) with safe defaults. Get peace of mind and an A+ on Mozilla Observatory." [taxonomies] @@ -9,7 +10,7 @@ tags = ["security", "showcase"] The default configuration of the theme gets an A+ score on [Mozilla Observatory](https://observatory.mozilla.org). -This is accomplished by programatically configuring Content Security Policy (CSP) headers based on a user-defined list of allowed domains in the theme's `config.toml` file. Here's the default and recommended setup (you could remove the last lines if you don't want to embed videos): +This is accomplished by programatically configuring Content Security Policy (CSP) headers based on a user-defined list of allowed domains in the theme's `config.toml` file. Here's the default and recommended setup (you could remove the last directive if you don't want to embed videos): ``` [extra]