Skip to content

Commit

Permalink
chore: add qrserver api security policy
Browse files Browse the repository at this point in the history
  • Loading branch information
acnormun committed Nov 7, 2024
1 parent 667baa6 commit 902b604
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion nginx.conf
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ http {
set $CSP_SCRIPT "script-src 'self' 'unsafe-eval' 'unsafe-inline' www.googletagmanager.com accounts.google.com connect.facebook.net *.hotjar.com www.google-analytics.com cdn.logr-ingest.com";
set $CSP_STYLE "style-src 'self' 'unsafe-hashes' 'unsafe-inline' ilhasoft.com.br accounts.google.com fonts.googleapis.com";
set $CSP_FONT "font-src 'self' data: fonts.gstatic.com";
set $CSP_IMAGE "img-src 'self' data: blob: www.google-analytics.com www.google.com.br www.googletagmanager.com *.amazonaws.com https://tile.openstreetmap.org https://cdn.jsdelivr.net";
set $CSP_IMAGE "img-src 'self' data: blob: www.google-analytics.com www.google.com.br www.googletagmanager.com *.amazonaws.com https://tile.openstreetmap.org https://cdn.jsdelivr.net https://api.qrserver.com/";
set $CSP_CONNECT "connect-src 'self' data: blob: *.weni.ai *.bothub.it accounts.google.com www.google-analytics.com analytics.google.com *.hotjar.io wss://ws.hotjar.com https://cdn.plyr.io https://pps.whatsapp.net/";
set $CSP_FRAME_SRC "frame-src 'self' *.weni.ai https://td.doubleclick.net";
set $CSP_WORKER_SRC "worker-src data: blob:";
Expand Down

0 comments on commit 902b604

Please sign in to comment.