@april

april/nginx.conf Secret

Created February 7, 2018 21:03
# Include all the security headers
include headers.d/pokeinthe.io.conf;

# HTML documents: strict CSP, never cached.
# add_header directives in a location replace (they do not extend) the ones
# inherited from the enclosing level, so the shared headers are included again
# in every block (assuming headers.d/pokeinthe.io.conf sets them with add_header).
location ~* \.(?:html) {
    include headers.d/pokeinthe.io.conf;
    add_header Content-Security-Policy "default-src 'none'; base-uri 'none'; form-action 'none'; child-src https://www.youtube.com; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'none'; frame-src https://www.youtube.com; img-src 'self'; media-src 'self' blob:; script-src 'self' https://cdnjs.cloudflare.com/ajax/libs/ekko-lightbox/5.1.1/ekko-lightbox.min.js https://code.jquery.com/jquery-2.2.4.min.js https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js; style-src 'self' https://cdnjs.cloudflare.com/ajax/libs/ekko-lightbox/5.1.1/ekko-lightbox.min.css https://fonts.googleapis.com" always;
    expires -1;
}

# SVG images: only same-origin and inline styles are allowed.
# Without "always", nginx leaves this header off error responses (4xx/5xx).
location ~* \.svg$ {
    include headers.d/pokeinthe.io.conf;
    add_header Content-Security-Policy "default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'";
}

# PDF files: same-origin resources plus inline styles.
location ~* \M.*\.pdf$ {
    include headers.d/pokeinthe.io.conf;
    add_header Content-Security-Policy "default-src 'self'; base-uri 'none'; form-action 'none'; style-src 'self' 'unsafe-inline'";
}