From f24eb27bef4ecbb9b7d1702d9a10fcdba913300c Mon Sep 17 00:00:00 2001
From: Salar Rahmanian <code@softinio.com>
Date: Sat, 17 Feb 2024 09:37:00 -0800
Subject: [PATCH] cors and security fixes

---
 config.toml     | 2 +-
 static/_headers | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 static/_headers

diff --git a/config.toml b/config.toml
index 401f6f3..ad22981 100644
--- a/config.toml
+++ b/config.toml
@@ -197,7 +197,7 @@ copyright = "© $CURRENT_YEAR $AUTHOR $SEPARATOR Unless otherwise noted, the con
 allowed_domains = [
     { directive = "font-src", domains = ["'self'", "data:"] },
     { directive = "img-src", domains = ["'self'", "https://*", "data:"] },
-    { directive = "script-src", domains = ["'self'", "https://comments.softinio.com/js/embed.min.js"] },
+    { directive = "script-src", domains = ["'self'", "https://comments.softinio.com/js/embed.min.js", "https://static.cloudflareinsights.com/beacon.min.js"] },
     { directive = "style-src", domains = ["'self'"] },
     { directive = "frame-src", domains = ["player.vimeo.com", "https://www.youtube-nocookie.com", "https://watch.softinio.com", "https://notes.softinio.com/embed"] },
 ]
diff --git a/static/_headers b/static/_headers
new file mode 100644
index 0000000..063c000
--- /dev/null
+++ b/static/_headers
@@ -0,0 +1,5 @@
+https://comments.softinio.com
+    Access-Control-Allow-Origin: https://comments.softinio.com 
+https://www.softinio.com
+    Access-Control-Allow-Origin: https://www.softinio.com
+