Commit a20e3a0e authored by f's avatar f
Browse files

opt-out websites from floc's user monitoring
parent 73dce2cb
......@@ -14,6 +14,7 @@ server {
add_header Referrer-Policy "strict-origin-when-cross-origin";
add_header Access-Control-Allow-Origin "*";
add_header Content-Security-Policy-Report-Only "default-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; script-src https: 'self'; font-src data: 'self'; img-src https: 'self'; object-src 'none'; connect-src 'self' https://*; report-uri https://api.{{ sutty }}/v1/csp_reports.json";
add_header Permissions-Policy "interest-cohort=()";
ssl_certificate /etc/letsencrypt/live/$ssl_server_name/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/$ssl_server_name/privkey.pem;
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment