From 4c3abb66bef6a3523ebeda0f18ce78c10e1b555f Mon Sep 17 00:00:00 2001
From: Ben Harris
Date: Sun, 12 Oct 2025 13:53:45 +0100
Subject: [PATCH] More restrictive content security policy for Web site
---
 .htaccess | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/.htaccess b/.htaccess
index c1bbf55..3200afd 100644
--- a/.htaccess
+++ b/.htaccess
@@ -6,4 +6,7 @@ AddType font/otf;outlines=CFF .otf
 AddOutputFilterByType DEFLATE application/xhtml+xml text/css font/otf \
 text/plain text/x-csrc application/postscript
-Header set Content-Security-Policy "object-src 'none';"
+Header set Content-Security-Policy "form-action 'none';\
+ default-src 'none'; connect-src 'self'; font-src 'self'; img-src 'self';\
+ script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval';\
+ style-src 'self' 'unsafe-inline'"
-- 
2.30.2
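Review bot: `script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval'` in the new header still allows any inline script or event-handler attribute to run, so the policy does little to contain markup injection in the site's own pages. If the existing inline scripts can be moved into files or allowed by hash, `'unsafe-inline'` should be dropped from `script-src`. `default-src 'none'` is not a fallback for `base-uri` or `frame-ancestors`, so I would also append `base-uri 'none'; frame-ancestors 'none'` to the value (or `'self'` where the site relies on `<base>` or frames its own pages). Separately, `Header set` without `always` is applied only to successful responses by mod_headers, so server-generated error pages may be sent without the policy; `Header always set Content-Security-Policy ...` would cover them.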