Beanz/flatpress
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update plugin.fpprotect.php

Browse Source 
Feature policy removed, as outdated/only possible with older browsers
This commit is contained in:
Frank Hochmuth 2024-04-12 22:21:09 +02:00 committed by GitHub
parent 6217a8a619
commit c2cca7357c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
fp-plugins/fpprotect/plugin.fpprotect.php
View File

@ -14,8 +14,7 @@ header('X-Content-Security-Policy: default-src https: data:; frame-src https: da
header('X-WebKit-CSP: default-src https: data:; frame-src https: data:; base-uri \'self\'; font-src https: data:; script-src https: \'unsafe-inline\' \'unsafe-eval\' blob:; style-src https: \'unsafe-inline\'; img-src https: data: blob:; frame-ancestors \'self\'; manifest-src \'self\'; worker-src \'self\' blob:; connect-src https: blob:; media-src \'self\' blob:; child-src \'self\' blob:; form-action \'self\'; object-src \'self\'');
// End of Content Security Policy rules
header('Feature-Policy: interest-cohort \'none\'; autoplay \'self\'; camera \'self\'; fullscreen *; geolocation \'self\'; microphone \'self\'; payment \'none\''); // Goodbye Feature Policy! // thx Nextcloud-Maps-App, github.com/nextcloud
header('Permissions-Policy: interest-cohort=(), autoplay=(self), camera=(self), fullscreen=*, geolocation=(self), microphone=(self), payment=()'); // Hello Permissions Policy! // thx Nextcloud-Maps-App, github.com/nextcloud
header('Permissions-Policy: interest-cohort=(), autoplay=(self), camera=(self), fullscreen=*, geolocation=(self), microphone=(self), payment=()');
header('Referrer-Policy: strict-origin-when-cross-origin');
header('Strict-Transport-Security: max-age=15552000; includeSubDomains');
header('X-Permitted-Cross-Domain-Policies: none');