mirror of https://git.sr.ht/~sircmpwn/srht.site
Explain CSP impact on target="_blank" links
This commit is contained in:
parent
5777fd6be6
commit
b063e3a491
|
@ -20,6 +20,9 @@ Content-Security-Policy:
|
|||
The main consequence of this is that all resources must be served from
|
||||
your domain — you cannot use a CDN or embed third-party content.
|
||||
|
||||
It also disallows forcing links to open in new tabs (`target="_blank"`), as
|
||||
this is equivalent to opening a pop-up in the browser security model.
|
||||
|
||||
The published tarball is limited to 1 GiB in size, after decompression. Any
|
||||
entries other than regular files are ignored (such as symlinks).
|
||||
|
||||
|
|
Loading…
Reference in New Issue