many
This commit is contained in:
10
index.php
10
index.php
@@ -2,12 +2,14 @@
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
$styleNonce = base64_encode(random_bytes(16));
|
||||
|
||||
header("Content-Type: text/html; charset=UTF-8");
|
||||
header("X-Content-Type-Options: nosniff");
|
||||
header("Referrer-Policy: strict-origin-when-cross-origin");
|
||||
header("Permissions-Policy: geolocation=(), microphone=(), camera=()");
|
||||
header(
|
||||
"Content-Security-Policy: default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors *",
|
||||
"Content-Security-Policy: default-src 'none'; style-src 'self' 'nonce-{$styleNonce}'; base-uri 'none'; form-action 'none'; frame-ancestors *",
|
||||
);
|
||||
if (function_exists("header_remove")) {
|
||||
header_remove("X-Frame-Options");
|
||||
@@ -100,7 +102,11 @@ $next = $sites[($index + 1) % $total];
|
||||
) ?>" target="_top" rel="noopener noreferrer">NEXT →</a>
|
||||
</div>
|
||||
|
||||
<style>
|
||||
<style nonce="<?= htmlspecialchars(
|
||||
$styleNonce,
|
||||
ENT_QUOTES | ENT_SUBSTITUTE,
|
||||
"UTF-8",
|
||||
) ?>">
|
||||
:root {
|
||||
--bg-1: #1d2021;
|
||||
--bg0: #282828;
|
||||
|
||||
Reference in New Issue
Block a user