[x/go.dev] update content security policy Change-Id: Icb8ad351853a862d26ed01ffe14082fe888b066d X-GoDev-Commit: ad7ebbd958d31cfc1ef315657a6380d5927ca7f8

commit: 447125e40bbe56ffa491bd3952dfb74043b156cb [log] [tgz]
author: Sean Harrington <sean.harrington@leftfieldlabs.com> Thu Oct 29 13:17:15 2020 -0400
committer: Sean Harrington <sean.harrington@leftfieldlabs.com> Thu Oct 29 13:17:15 2020 -0400
tree: 59102184adf4908f69cf9215d3aca2dd1da9f2d6
parent: dfd1f392c2c4ec05fb038c232b05963b79bcb922 [diff]
diff --git a/go.dev/layouts/_default/baseof.html b/go.dev/layouts/_default/baseof.html
index 8197206..2a4db68 100644
--- a/go.dev/layouts/_default/baseof.html
+++ b/go.dev/layouts/_default/baseof.html

@@ -14,6 +14,7 @@
 <meta name="viewport" content="width=device-width, initial-scale=1">
 <meta name="theme-color" content="#00add8">
 <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Google+Sans:400,500,600|Work+Sans:400,500,600|Roboto:400,500,700|Open+Sans:Source+Code+Pro|Material+Icons">
+<meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self' 'unsafe-inline' https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtm.js; style-src 'report-sample' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://golang.org https://www.google-analytics.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self'; img-src 'self' https://secure.meetupstatic.com; manifest-src 'self'; media-src 'self'; worker-src 'none';">
 {{$styles := resources.Get "css/styles.css" -}}
 {{if .Site.IsServer -}}
   <link rel="stylesheet" href="{{$styles.RelPermalink}}">
commit	447125e40bbe56ffa491bd3952dfb74043b156cb	[log] [tgz]
author	Sean Harrington <sean.harrington@leftfieldlabs.com>	Thu Oct 29 13:17:15 2020 -0400
committer	Sean Harrington <sean.harrington@leftfieldlabs.com>	Thu Oct 29 13:17:15 2020 -0400
tree	59102184adf4908f69cf9215d3aca2dd1da9f2d6
parent	dfd1f392c2c4ec05fb038c232b05963b79bcb922 [diff]