Skip to content

Commit

Permalink
Better default list of world writable domains in CSP checker (#3165)
Browse files Browse the repository at this point in the history
Co-authored-by: noamblitz <[email protected]>
Co-authored-by: ammar92 <[email protected]>
Co-authored-by: Jeroen Dekkers <[email protected]>
  • Loading branch information
4 people authored Jul 8, 2024
1 parent 2bbc4c4 commit 7c68d0a
Showing 1 changed file with 1 addition and 2 deletions.
3 changes: 1 addition & 2 deletions octopoes/bits/ask_disallowed_domains/question_schema.json
Original file line number Diff line number Diff line change
Expand Up @@ -3,14 +3,13 @@
"$id": "/bit/disallowed-csp-hostnames",
"type": "object",
"default": {},
"Port Configuration": "Root Schema",
"required": [],
"properties": {
"disallowed_hostnames": {
"description": "Comma separated list of disallowed hostnames in CSP headers",
"type": "string",
"pattern": "^(\\s*(,*)[^,]+,?\\s*)*$",
"default": "github.com,google.com"
"default": "githubpages.com,github.io,jsdelivr.com,cdn.skypack.dev"
},
"disallow_url_shorteners": {
"description": "Do you want to disallow url shorteners in csp headers?",
Expand Down

0 comments on commit 7c68d0a

Please sign in to comment.