micord/ervu-lkrp-landing
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

SUPPORT-8783: Fix

Browse source
This commit is contained in:
Eduard Tihomirov 2025-01-30 15:21:11 +03:00
parent 059070e7e2
commit 8acc397302
2 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
config/nginx.conf.template
View file

@ -57,7 +57,7 @@ server {
index index.html;
expires -1;
add_header Content-Security-Policy "frame-ancestors 'none'; default-src 'self'; connect-src 'self' https:; script-src 'self'; style-src 'unsafe-inline' 'self' data:; font-src 'self' data:; img-src 'self' data:;";
add_header Content-Security-Policy "frame-ancestors 'none'; default-src 'self'; connect-src 'self' https://www.sberbank.ru; script-src 'self'; style-src 'unsafe-inline' 'self' data:; font-src 'self' data:; img-src 'self' data:;";
# Media: images, icons, video, audio, HTC
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|mp3|ogg|ogv|webm|htc|woff2|woff|ttf)$ {

2
html/index.html
View file

@ -5,7 +5,7 @@
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta http-equiv="Content-Security-Policy"
content="default-src 'self'; connect-src 'self' https:; script-src 'self'; style-src 'unsafe-inline' 'self' data:; font-src 'self' data:; img-src 'self' data:"/>
content="default-src 'self'; connect-src 'self' https://www.sberbank.ru; script-src 'self'; style-src 'unsafe-inline' 'self' data:; font-src 'self' data:; img-src 'self' data:"/>
<meta name="referrer" content="strict-origin-when-cross-origin"/>
<script src="script/cert-checker.js"></script>
</head>