the-djmaze/snappymail
1
1
Fork 0
mirror of https://github.com/the-djmaze/snappymail.git synced 2025-02-25 23:40:24 +08:00
Code Issues Projects Releases Packages Wiki Activity

Also prevent Google FLoC in .htaccess

Browse source
This commit is contained in:
djmaze 2021-04-19 20:42:01 +02:00
parent 0a03f9768f
commit 19492a714d
2 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
.htaccess
View file

@ -28,6 +28,9 @@ RewriteRule cpsess.* https://%{HTTP_HOST}/ [L,R=301]
Header set X-XSS-Protection "1; mode=block"
Header set Service-Worker-Allowed "/"
# Google FLoC
Header set Permissions-Policy "interest-cohort=()"
RewriteCond %{HTTP:Accept-encoding} br
RewriteCond "%{REQUEST_FILENAME}\.br" -s
RewriteRule "^(.+)" "$1\.br" [L,T=text/javascript,QSA]

2
snappymail/v/0.0.0/app/libraries/RainLoop/Service.php
View file

@ -41,6 +41,8 @@ class Service
\header('Referrer-Policy: no-referrer');
\header('X-Content-Type-Options: nosniff');
// Google FLoC
\header('Permissions-Policy: interest-cohort=()');
$sContentSecurityPolicy = \trim($this->oActions->Config()->Get('security', 'content_security_policy', '')) ?: APP_DEFAULT_CSP;