bedstead/.htaccess
Ben Harris 1edf533277 Set a content security policy in .htaccess
My Web site disables JavaScript by default, so we need to override
that if the Web editor is going to work.
2026-01-13 21:42:18 +00:00

10 lines
350 B
ApacheConf

DirectoryIndex index.xhtml
AddType application/xhtml+xml;charset=UTF-8 .xhtml
AddType font/otf;outlines=CFF .otf
<FilesMatch "^\p{Lu}+$">
ForceType text/plain
</FilesMatch>
AddOutputFilterByType DEFLATE application/xhtml+xml text/css font/otf \
text/plain text/x-csrc application/postscript
Header set Content-Security-Policy "object-src 'none';"