From bbfca3190f3c3cac5eefd74ed30d0c4b14f08f0c Mon Sep 17 00:00:00 2001
From: Vika <vika@fireburn.ru>
Date: Thu, 2 Jan 2025 14:50:34 +0300
Subject: Harden default CSP

Change-Id: I31362b3ec779a1eaea54c0d9567daa5de0ae0fc0
---
 src/lib.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


diff --git a/src/lib.rs b/src/lib.rs
index 3fb6845..6d8e784 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -311,7 +311,7 @@ St: Clone + Send + Sync + 'static
         .layer(tower_http::set_header::SetResponseHeaderLayer::appending(
             axum::http::header::CONTENT_SECURITY_POLICY,
             axum::http::HeaderValue::from_static(
-                "default-src https:; img-src https:; script-src 'self'; style-src 'self'; script-src-attr 'none'; base-uri 'none'"
+                "default-src 'self'; img-src https:; script-src 'self'; style-src 'self'; base-uri 'none'; object-src 'none'"
             )
         ))
 }
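Review bot: The new policy on the `+` line still sets no `frame-ancestors`, and `default-src` is not a fallback for that directive (nor for `form-action`), so the site remains framable from any origin unless an X-Frame-Options header is added elsewhere, which this hunk does not show. Consider `frame-ancestors 'none'` (or `'self'` if the site embeds its own pages) and, if no form posts to an external endpoint, `form-action 'self'`, e.g. `"default-src 'self'; img-src https:; script-src 'self'; style-src 'self'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; form-action 'self'"`. Dropping `script-src-attr 'none'` is safe here because it falls back to `script-src 'self'`, which already blocks inline event handlers. Since the layer uses `SetResponseHeaderLayer::appending`, a handler that sets its own CSP ends up with two headers and browsers enforce both, so no route can relax this default; a one-line comment stating that this is intended would help the next maintainer. The enclosing function starts before the hunk.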
-- 
cgit 1.4.1