Skip to content

Commit 6bc16e2

Browse files
lukpuehlukpueh
committed
Updated CSP header to allow embedded youtube
Signed-off-by: Lukas Puehringer <[email protected]>
1 parent 82b4477 commit 6bc16e2

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

netlify.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ to = "https://theupdateframework.github.io/specification/latest/"
2626
[[headers]]
2727
for = "/*"
2828
[headers.values]
29-
Content-Security-Policy = "default-src 'self' code.jquery.com fonts.googleapis.com fonts.gstatic.com use.fontawesome.com app.netlify.com netlify-cdp-loader.netlify.app"
29+
Content-Security-Policy = "default-src 'self' code.jquery.com fonts.googleapis.com fonts.gstatic.com use.fontawesome.com app.netlify.com netlify-cdp-loader.netlify.app youtube.com; frame-src youtube.com www.youtube.com"
3030
X-Frame-Options = "deny"
3131
X-Content-Type-Options = "nosniff"
3232
Referrer-Policy = "no-referrer-when-downgrade"

0 commit comments

Comments
 (0)