mirror of
https://github.com/freedombox/FreedomBox.git
synced 2026-01-21 07:55:00 +00:00
2467d6a033
- This allows overriding these headers in individual pages easily instead of relaxing global policy. - Drop the obsolete CSP directive "block-all-mixed-content" and avoid a console warning in Firefox. Tests: - Load a page and notice in the browser developer tools that the three headers referrer-policy, content-security-policy, and x-content-type-options are set as before. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: James Valleroy <jvalleroy@mailbox.org>