Set a content security policy in .htaccess

My Web site disables JavaScript by default, so we need to override
that if the Web editor is going to work.
This commit is contained in:
Ben Harris 2025-10-05 10:08:46 +01:00
parent b62b0454b5
commit 1edf533277

View File

@ -6,3 +6,4 @@ AddType font/otf;outlines=CFF .otf
</FilesMatch> </FilesMatch>
AddOutputFilterByType DEFLATE application/xhtml+xml text/css font/otf \ AddOutputFilterByType DEFLATE application/xhtml+xml text/css font/otf \
text/plain text/x-csrc application/postscript text/plain text/x-csrc application/postscript
Header set Content-Security-Policy "object-src 'none';"