Knah-Tsaeb/MyShaarli
Knah-Tsaeb/MyShaarli
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

[doc] add apache2 CSP config

Browse source
This commit is contained in:
nodiscc 2015-11-30 23:17:01 +01:00
parent a33c574461
commit 8025c63906
1 changed files with 9 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
plugins/playvideos/README.md
View file

@ -14,8 +14,16 @@ This is a default Shaarli plugin, you just have to enable it. See https://github
#### Troubleshooting #### Troubleshooting
If your server has [Content Security Policy](http://content-security-policy.com/) headers enabled, this may prevent the script from loading fully. You should relax the CSP in your server settings. Example CSP rule for apache2: If your server has [Content Security Policy](http://content-security-policy.com/) headers enabled, this may prevent the script from loading fully. You should relax the CSP in your server settings. Example CSP rule for apache2:
`Header set Content-Security-Policy "script-src 'self' 'unsafe-inline' https://www.youtube.com https://s.ytimg.com 'unsafe-eval'"`
In `/etc/apache2/conf-available/shaarli-csp.conf`:
```apache
<Directory /path/to/shaarli>
Header set Content-Security-Policy "script-src 'self' 'unsafe-inline' https://www.youtube.com https://s.ytimg.com 'unsafe-eval'"
</Directory>
```
Then run `a2enconf shaarli-csp; service apache2 reload`
### License ### License
``` ```