Content Security Policy (CSP) with Hugo & CodeIT theme
I’m fairly new to Hugo but getting used to it and loving it isn’t that hard with generous documentation and active community.
What is Content Security Policy (CSP)
CSP1 is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement to distribution of malware. CSP can be implemented through your HTTP response header or meta tag, and you can use the default-src as fallback to source reference or go further in detailing source types like (images, media, fonts js, css etc..) and origin servers. Content Security Policy Level 2 is a Candidate Recommendation and Level 3 is a working draft
Figuring out how to fingerprint external resources listed in jsdelivr.yml / bug report submitted bug #98
BBC Radio 4 - The News Quiz is still my favorite listen.