4 Aug
2018
4 Aug
'18
8 a.m.
On Sat, Aug 04, 2018 at 12:34:10AM +0200, Jelle van der Waa <jelle@vdwaa.nl> wrote:
add_header Content-Security-Policy "default-src 'self'; style-src 'self'; font-src 'self'; form-action 'self';"
I assume, that our javascript/css is static so we might want to move it to a subdomain and only allow that subdomain. Apart from that I like the idea(s)! Florian