From 4ae6607a3bfa11a76245a5e566a754f6ffcdfb4c Mon Sep 17 00:00:00 2001
From: Salar Rahmanian
Date: Sun, 27 Oct 2024 20:26:16 -0700
Subject: [PATCH] csp corrections for matomo
---
 config.toml | 4 +--
 templates/partials/analytics.html | 15 ----------
 templates/partials/custom_header.html | 42 ++++++++++++++++++---------
 3 files changed, 30 insertions(+), 31 deletions(-)
 delete mode 100644 templates/partials/analytics.html
diff --git a/config.toml b/config.toml
index b3d426f..e72644c 100644
--- a/config.toml
+++ b/config.toml
@@ -212,10 +212,10 @@ copyright = "© $CURRENT_YEAR $AUTHOR $SEPARATOR Unless otherwise noted, the con
 # Default config, allows for https remote images and embedding YouTube and Vimeo content.
 # This configuration (along with the right webserver settings) gets an A+ in Mozilla's Observatory: https://observatory.mozilla.org
 allowed_domains = [
- { directive = "connect-src", domains = ["'self'"] },
+ { directive = "connect-src", domains = ["'self'", "http://wisdom.softinio.com/matomo.php"] },
 { directive = "font-src", domains = ["'self'", "data:"] },
 { directive = "img-src", domains = ["'self'", "https://*", "data:"] },
- { directive = "script-src", domains = ["'self'", "https://comments.softinio.com/js/embed.min.js", "https://static.cloudflareinsights.com" ] },
+ { directive = "script-src", domains = ["'self'", "https://comments.softinio.com/js/embed.min.js", "https://static.cloudflareinsights.com", "http://wisdom.softinio.com/matomo.js","'sha256-f5+1KXLs1mZ8y68NQwBoE7PzEG3F0whGW7NzS9tC4rg='"] },
 { directive = "style-src", domains = ["'self'"] },
 { directive = "frame-src", domains = ["player.vimeo.com", "https://www.youtube-nocookie.com", "https://watch.softinio.com", "https://notes.softinio.com/embed"] },
 ]
diff --git a/templates/partials/analytics.html b/templates/partials/analytics.html
deleted file mode 100644
index 77e209d..0000000
--- a/templates/partials/analytics.html
+++ /dev/null
@@ -1,15 +0,0 @@ - - -
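Review bot: In the config.toml hunk, both Matomo sources added to `allowed_domains` use the `http://` scheme, so the policy allows `matomo.js` to be fetched and `matomo.php` to be contacted over plaintext, where the script could be altered in transit. Every other remote entry in the list is `https://`. Assuming the analytics host serves TLS, write them as `"https://wisdom.softinio.com/matomo.js"` in `script-src` and `"https://wisdom.softinio.com/matomo.php"` in `connect-src`. The new `'sha256-…'` entry presumably pins the inline Matomo snippet moved into custom_header.html, and it stops matching if that snippet changes by a single byte. A comment above the list would keep the two in sync, for example `# script-src sha256 covers the inline Matomo snippet in templates/partials/custom_header.html; regenerate when it changes`.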
diff --git a/templates/partials/custom_header.html b/templates/partials/custom_header.html index 31e31fc..fa5a7cc 100644 --- a/templates/partials/custom_header.html +++ b/templates/partials/custom_header.html @@ -1,34 +1,48 @@ + + + + {% if config.extra.favicon180 %} - + {% endif %} {% if config.extra.favicon32 %} - + {% endif %} {% if config.extra.favicon16 %} - + {% endif %} {%- if config.author %} - + {%- endif %} - + {%- if page.extra.keywords and config.extra.keywords %} - + {%- elif page.extra.keywords %} - + {%- elif config.extra.keywords %} - + {%- endif %} {%- if config.extra.google %} - + {%- endif %} {%- if config.extra.bing %} - + {%- endif %} {%- if config.extra.twitter_meta %} - - + + {%- endif %} - -