nick
/
tabi-test
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

📝 fix: clarify requirements for A+ Observatory score

Browse Source
main
welpo 2 years ago
parent 65a3fcebba
commit 4d18be3a83
No known key found for this signature in database
GPG Key ID: A2F978CF4EC1F5A6
2 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File

5
config.toml
Unescape Escape View File

@ -33,7 +33,6 @@ favicon = ""
# This header image is used for SEO. For example if you were to share an image via Messenger/Instagram/Twitter a preview picture is also presented # This header image is used for SEO. For example if you were to share an image via Messenger/Instagram/Twitter a preview picture is also presented
headerImage = "" headerImage = ""
# The icon is display besides the menu text but is not necessary. It needs to be placed under "menu_icon" in the static "folder"
menu = [ menu = [
{ name = "blog", url = "$BASE_URL/blog" }, { name = "blog", url = "$BASE_URL/blog" },
{ name = "archive", url = "$BASE_URL/archive" }, { name = "archive", url = "$BASE_URL/archive" },
@ -41,7 +40,7 @@ menu = [
{ name = "projects", url = "$BASE_URL/projects" }, { name = "projects", url = "$BASE_URL/projects" },
] ]
#The icons available can be found in "social_icons" in the "static" folder # The icons available can be found in "social_icons" in the "static" folder
socials = [ socials = [
{ name = "atom feed", url = "$BASE_URL/atom.xml", icon = "rss" }, { name = "atom feed", url = "$BASE_URL/atom.xml", icon = "rss" },
{ name = "github", url = "https://github.com/welpo/", icon = "github" }, { name = "github", url = "https://github.com/welpo/", icon = "github" },
@ -56,7 +55,7 @@ socials = [
# Useful if you want to load remote content safely (embed YouTube videos, which needs frame-src, for example). # Useful if you want to load remote content safely (embed YouTube videos, which needs frame-src, for example).
# Default directive is self. # Default directive is self.
# Default config, allows for https remote images and embedding YouTube and Vimeo content. # Default config, allows for https remote images and embedding YouTube and Vimeo content.
# This configuration gets an A+ in Mozilla's Observatory: https://observatory.mozilla.org # This configuration (along with the right webserver settings) gets an A+ in Mozilla's Observatory: https://observatory.mozilla.org
allowed_domains = [ allowed_domains = [
{ directive = "img-src", domains = ["'self'", "https://*"] }, { directive = "img-src", domains = ["'self'", "https://*"] },
{ directive = "script-src", domains = ["'self'"] }, { directive = "script-src", domains = ["'self'"] },

2
content/blog/security.md
Unescape Escape View File

@ -1,7 +1,7 @@
+++ +++
title = "Secure by default" title = "Secure by default"
date = 2023-02-22 date = 2023-02-22
updated = 2023-03-13 updated = 2023-04-14
description = "tabi has an easily customizable Content Security Policy (CSP) with safe defaults. Get peace of mind and an A+ on Mozilla Observatory." description = "tabi has an easily customizable Content Security Policy (CSP) with safe defaults. Get peace of mind and an A+ on Mozilla Observatory."
[taxonomies] [taxonomies]

Write Preview
Loading…
Cancel
Save