diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 15:17:09 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 15:17:09 +0000 |
| commit | 3a791603b825f41130028d256d58bbec105cc170 (patch) | |
| tree | bbb21cc2deb7cca2a04135596f1693a52f0349ff | |
| parent | Setting ServerSignature to Off in security.conf. (diff) | |
| download | apache2-3a791603b825f41130028d256d58bbec105cc170.tar.xz apache2-3a791603b825f41130028d256d58bbec105cc170.zip | |
Setting Content-Security-Policy to "default-src https: 'self'; style-src https: 'self' 'unsafe-inline'".
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
| -rw-r--r-- | debian/apache2.postinst | 3 | ||||
| -rw-r--r-- | debian/config-dir/conf-available/csp.conf | 7 |
2 files changed, 9 insertions, 1 deletions
diff --git a/debian/apache2.postinst b/debian/apache2.postinst index a980441..c9a0192 100644 --- a/debian/apache2.postinst +++ b/debian/apache2.postinst @@ -55,7 +55,8 @@ enable_default_conf() { if is_fresh_install $@ ; then for conf in charset localized-error-pages other-vhosts-access-log \ - security serve-cgi-bin ; do + security serve-cgi-bin \ + csp ; do a2enconf -m -q $conf done fi diff --git a/debian/config-dir/conf-available/csp.conf b/debian/config-dir/conf-available/csp.conf new file mode 100644 index 0000000..ccbeadf --- /dev/null +++ b/debian/config-dir/conf-available/csp.conf @@ -0,0 +1,7 @@ +# /etc/apache2/conf-available/csp.conf + +<IfModule mod_ssl.c> + <IfModule mod_headers.c> + Header always set Content-Security-Policy "default-src https: 'self'; style-src https: 'self' 'unsafe-inline'" + </IfModule> +</IfModule> |