Fix COEP

Signed-off-by: Tommy <contact@tommytran.io>
2024-09-28 13:34:42 -04:00 · 2022-11-25 20:45:31 -05:00 · 2022-11-25 20:45:31 -05:00 · 1be4d6dbbb
commit 1be4d6dbbb
parent 60c328d676
1 changed files with 7 additions and 2 deletions
--- a/static/_headers
+++ b/static/_headers
@ -16,18 +16,23 @@

 /posts/knowledge/multi-factor-authentication/
  Content-Security-Policy : default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; frame-src https://www.youtube-nocookie.com https://www.google.com; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'
+  Cross-Origin-Embedder-Policy : unsafe-none
  
 /posts/android/android-tips/
  Content-Security-Policy : default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; frame-src https://www.youtube-nocookie.com https://www.google.com; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'
-
+  Cross-Origin-Embedder-Policy : unsafe-none
+  
 /posts/android/choosing-your-android-based-operating-system/
  Content-Security-Policy : default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; frame-src https://www.youtube-nocookie.com https://www.google.com; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'
-  
+  Cross-Origin-Embedder-Policy : unsafe-none
+
 /posts/linux/choosing-your-desktop-linux-distribution/
  Content-Security-Policy : default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; frame-src https://www.youtube-nocookie.com https://www.google.com; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'
+  Cross-Origin-Embedder-Policy : unsafe-none

 /posts/linux/desktop-linux-hardening/
  Content-Security-Policy : default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; frame-src https://www.youtube-nocookie.com https://www.google.com; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'
+  Cross-Origin-Embedder-Policy : unsafe-none  
  
 /*.xml
  Content-Security-Policy : default-src 'none'; img-src 'self' data: https://www.w3.org/; style-src 'self' 'unsafe-inline'; block-all-mixed-content; base-uri 'none'