diff --git a/ansible/roles/cezen-nginx/files/cezen.conf b/ansible/roles/cezen-nginx/files/cezen.conf index 1bcb757..ddf0b20 100644 --- a/ansible/roles/cezen-nginx/files/cezen.conf +++ b/ansible/roles/cezen-nginx/files/cezen.conf @@ -32,17 +32,7 @@ server { add_header X-XSS-Protection "1; mode=block" always; add_header Referrer-Policy "strict-origin-when-cross-origin" always; add_header Permissions-Policy "geolocation=(), camera=(), microphone=()" always; - add_header Content-Security-Policy - "default-src 'self'; " - "script-src 'self' 'unsafe-inline'; " - "style-src 'self' 'unsafe-inline'; " - "img-src 'self' data:; " - "connect-src 'self'; " - "frame-src 'self'; " - "font-src 'self'; " - "object-src 'none'; " - "base-uri 'self';" - always; + add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; frame-src 'self'; font-src 'self'; object-src 'none'; base-uri 'self';" always; # ─── robots.txt — block all indexing (air-gapped / private portal) ──────── location = /robots.txt { diff --git a/nginx/cezen.conf b/nginx/cezen.conf index 1bcb757..ddf0b20 100644 --- a/nginx/cezen.conf +++ b/nginx/cezen.conf @@ -32,17 +32,7 @@ server { add_header X-XSS-Protection "1; mode=block" always; add_header Referrer-Policy "strict-origin-when-cross-origin" always; add_header Permissions-Policy "geolocation=(), camera=(), microphone=()" always; - add_header Content-Security-Policy - "default-src 'self'; " - "script-src 'self' 'unsafe-inline'; " - "style-src 'self' 'unsafe-inline'; " - "img-src 'self' data:; " - "connect-src 'self'; " - "frame-src 'self'; " - "font-src 'self'; " - "object-src 'none'; " - "base-uri 'self';" - always; + add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; frame-src 'self'; font-src 'self'; object-src 'none'; base-uri 'self';" always; # ─── robots.txt — block all indexing (air-gapped / private portal) ──────── location = /robots.txt {