|
|
@@ -4,7 +4,11 @@
|
|
|
<meta charset="utf-8">
|
|
|
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
|
|
|
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
|
|
|
- <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline'">
|
|
|
+ <!-- <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline'"> -->
|
|
|
+ <meta http-equiv="Content-Security-Policy" content="default-src 'self' 'unsafe-eval'; script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline'"/>
|
|
|
+ <meta http-equiv="X-Content-Security-Policy" content="default-src 'self' 'unsafe-eval'; script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline'"/>
|
|
|
+ <meta http-equiv="X-XSS-Protection" content="1;mode=block" />
|
|
|
+ <meta http-equiv="X-Content-Type-Options" content="nosniff" />
|
|
|
<link rel="icon" href="<%= BASE_URL %>favicon.ico">
|
|
|
<title><%= webpackConfig.name %></title>
|
|
|
<script src="<%= BASE_URL %>configLoader.js" type="text/javascript"></script>
|
