From b0198c7092785fc8f6b521236ae24c0268a4f8d9 Mon Sep 17 00:00:00 2001
From: shni
Date: Wed, 8 Oct 2025 08:33:34 -0500
Subject: [PATCH] =?UTF-8?q?feat:=20mejorar=20la=20pol=C3=ADtica=20de=20seg?= =?UTF-8?q?uridad=20de=20contenido=20y=20ajustar=20el=20iframe=20de=20Ko-f?= =?UTF-8?q?i=20en=20la=20barra=20lateral?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 src/server/server.ts | 2 +-
 src/server/views/partials/rightSidebar.ejs | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/server/server.ts b/src/server/server.ts
index ca9babc..3f731ac 100644
--- src/server/server.ts
+++ src/server/server.ts
@@ -107,7 +107,7 @@ function applySecurityHeaders(base: Record = {}) {
 "X-Frame-Options": "DENY",
 // Mild CSP to avoid breaking inline styles/scripts already present; adjust as needed
 "Content-Security-Policy":
- "default-src 'self'; img-src 'self' data: https:; style-src 'self' 'unsafe-inline' https:; script-src 'self' 'unsafe-inline' https:; font-src 'self' https: data:",
+ "default-src 'self'; img-src 'self' data: https:; style-src 'self' 'unsafe-inline' https:; script-src 'self' 'unsafe-inline' https:; font-src 'self' https: data:; frame-src 'self' https://ko-fi.com https://*.ko-fi.com; child-src 'self' https://ko-fi.com https://*.ko-fi.com",
 ...base,
 };
 }
diff --git a/src/server/views/partials/rightSidebar.ejs b/src/server/views/partials/rightSidebar.ejs
index 6a676ee..791c964 100644
--- src/server/views/partials/rightSidebar.ejs
+++ src/server/views/partials/rightSidebar.ejs
@@ -5,7 +5,7 @@
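Review bot: In the src/server/server.ts hunk, the new `frame-src` and `child-src` entries allow every subdomain through `https://*.ko-fi.com`, which is wider than a single donation widget normally needs; the iframe's actual src is not visible here, so if it loads only from the apex host, narrow the tail of the policy to `frame-src 'self' https://ko-fi.com; child-src 'self' https://ko-fi.com`. Once `child-src` is set it also becomes the fallback for worker sources, so a comment such as `// frame-src/child-src: Ko-fi donation iframe in rightSidebar.ejs` above the policy would record why these hosts are listed. Separately, `...base` is spread after the defaults, so any caller that passes a `Content-Security-Policy` or `X-Frame-Options` key replaces the hardened value wholesale; that may be intended, but it should be documented on the function. The body of applySecurityHeaders starts before this hunk, so its callers and the remaining headers are not visible here.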

Apoya el proyecto

-