diff --git a/nginx/sites-available/search.zzls.xyz.conf b/nginx/sites-available/search.zzls.xyz.conf index 722c210..3413b92 100755 --- a/nginx/sites-available/search.zzls.xyz.conf +++ b/nginx/sites-available/search.zzls.xyz.conf @@ -37,6 +37,9 @@ server { # QUIC add_header Alt-Svc 'h3=":443"; ma=86400'; + # CSP + add_header content-security-policy 'default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; form-action 'self' https://github.com/tiekoetter/searxng/issues/new; font-src 'self'; frame-ancestors 'self'; base-uri 'self'; connect-src 'self' https://overpass-api.de; img-src 'self' data: https://*.tile.openstreetmap.org; frame-src 'self' https://www.youtube-nocookie.com https://invidious.tiekoetter.com https://player.vimeo.com https://www.dailymotion.com https://www.deezer.com https://www.mixcloud.com https://w.soundcloud.com https://embed.spotify.com https://open.spotify.com/'; + quic_retry on; quic_gso on; ssl_early_data on;