From d43ab2e37e681e222da93226bcd5211e29e84438 Mon Sep 17 00:00:00 2001
From: anoduck <9925396+anoduck@users.noreply.github.com>
Date: Sat, 15 Feb 2025 02:33:34 -0500
Subject: =?UTF-8?q?feat:=20=F0=9F=8E=B8=20Module=20additions?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Added created modules to the site along with more content.
---
 config/_default/server.toml | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

(limited to 'config/_default/server.toml')

diff --git a/config/_default/server.toml b/config/_default/server.toml
index c80d88d..e072c6c 100644
--- a/config/_default/server.toml
+++ b/config/_default/server.toml
@@ -6,20 +6,20 @@ for = '/**'
     X-XSS-Protection = "1; mode=block"
     Content-Security-Policy = """\
         default-src 'self'; \
-        script-src 'self' https://*.google-analytics.com https://*.googletagmanager.com; \
-        style-src 'self' https://fonts.googleapis.com https://www.youtube.com; \
+        child-src 'self' app.netlify.com; \
+        script-src 'unsafe-eval' 'unsafe-inline' 'self' *.netlify.app app.netlify.com netlify-cdp-loader.netlify.app https://*.google-analytics.com https://*.x.com https://*.twitter.com https://*.youtube.com https://*.flickr.com https://*.googletagmanager.com; \
+        style-src 'unsafe-inline' 'self' *.netlify.app app.netlify.com netlify-cdp-loader.netlify.app https://*.knightlab.com https://fonts.googleapis.com https://www.youtube.com; \
         object-src 'none'; \
         base-uri 'self'; \
-        connect-src 'self'
-            https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com; \
-        font-src 'self' https://fonts.gstatic.com; \
-        frame-src 'self' https://www.youtube-nocookie.com https://www.youtube.com; \
-        img-src 'self' data: https://i.vimeocdn.com https://i.ytimg.com https://*.google-analytics.com https://*.googletagmanager.com https://tile.openstreetmap.org; \
+        connect-src 'self' https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.knightlab.com; \
+        font-src 'self' https://*.netlify.app https://fonts.gstatic.com; \
+        frame-src 'self' https://www.youtube-nocookie.com https://www.youtube.com https://*.netlify.com https://*.google.com; \
+        img-src 'self' data: https: https://*.netlify.app https://i.vimeocdn.com https://i.ytimg.com https://*.cloudinary.com https://*.google-analytics.com https://*.googletagmanager.com https://tile.openstreetmap.org; \
         manifest-src 'self'; \
-        media-src 'self' \
+        media-src 'self' https://*.netlify.app https://*.cloudinary.com https://*.youtube.com; \
         """
     X-Frame-Options = "SAMEORIGIN"
-    Referrer-Policy = "strict-origin"
+    Referrer-Policy = "strict-origin-when-cross-origin"
     Permissions-Policy = """\
         geolocation=(), \
         midi=(), \
-- 
cgit v1.2.3