[x/go.dev] app.yaml: generate updated csp header
Change-Id: If0e629d747bb6acbeb38f849c3eea3869b942563
X-GoDev-Commit: 124f227e8e290b41d469ab2cf09ea90162086d90
diff --git a/go.dev/app.learn.yaml b/go.dev/app.learn.yaml
index 9d39127..1d9191c 100644
--- a/go.dev/app.learn.yaml
+++ b/go.dev/app.learn.yaml
@@ -8,7 +8,7 @@
upload: public/learn/index.html
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com gstatic.com tagmanager.google.com;"
- url: /(explore|learn)
secure: always
@@ -26,7 +26,7 @@
upload: public/(.*)
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com gstatic.com tagmanager.google.com;"
# Handle arbitrary paths with an index.html, special casing the trailing slash.
- url: /(.*)/
@@ -34,7 +34,7 @@
upload: public/learn/(.*)/index.html
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com gstatic.com tagmanager.google.com;"
# Handle arbitrary paths with an index.html
- url: /(.*)
@@ -42,7 +42,7 @@
upload: public/learn/(.*)/index.html
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com gstatic.com tagmanager.google.com;"
- url: /.*
secure: always
diff --git a/go.dev/app.staging.learn.yaml b/go.dev/app.staging.learn.yaml
index a684750..5c45a32 100644
--- a/go.dev/app.staging.learn.yaml
+++ b/go.dev/app.staging.learn.yaml
@@ -8,7 +8,7 @@
upload: public/learn/index.html
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com gstatic.com tagmanager.google.com;"
- url: /(explore|learn)
secure: always
@@ -26,7 +26,7 @@
upload: public/(.*)
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com gstatic.com tagmanager.google.com;"
# Handle arbitrary paths with an index.html, special casing the trailing slash.
- url: /(.*)/
@@ -34,7 +34,7 @@
upload: public/learn/(.*)/index.html
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com gstatic.com tagmanager.google.com;"
# Handle arbitrary paths with an index.html
- url: /(.*)
@@ -42,7 +42,7 @@
upload: public/learn/(.*)/index.html
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com gstatic.com tagmanager.google.com;"
- url: /.*
secure: always
diff --git a/go.dev/app.staging.yaml b/go.dev/app.staging.yaml
index 6627fb5..58da444 100644
--- a/go.dev/app.staging.yaml
+++ b/go.dev/app.staging.yaml
@@ -8,7 +8,7 @@
upload: public/index.html
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com gstatic.com tagmanager.google.com;"
- url: /(explore|learn)
secure: always
@@ -26,7 +26,7 @@
upload: public/(.*)
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com gstatic.com tagmanager.google.com;"
# Handle arbitrary paths with an index.html, special casing the trailing slash.
- url: /(.*)/
@@ -34,7 +34,7 @@
upload: public/(.*)/index.html
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com gstatic.com tagmanager.google.com;"
# Handle arbitrary paths with an index.html
- url: /(.*)
@@ -42,7 +42,7 @@
upload: public/(.*)/index.html
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com gstatic.com tagmanager.google.com;"
- url: /.*
secure: always
diff --git a/go.dev/app.yaml b/go.dev/app.yaml
index 3e4fcb0..f1787e8 100644
--- a/go.dev/app.yaml
+++ b/go.dev/app.yaml
@@ -8,7 +8,7 @@
upload: public/index.html
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com gstatic.com tagmanager.google.com;"
- url: /(explore|learn)
secure: always
@@ -26,7 +26,7 @@
upload: public/(.*)
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com gstatic.com tagmanager.google.com;"
# Handle arbitrary paths with an index.html, special casing the trailing slash.
- url: /(.*)/
@@ -34,7 +34,7 @@
upload: public/(.*)/index.html
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com gstatic.com tagmanager.google.com;"
# Handle arbitrary paths with an index.html
- url: /(.*)
@@ -42,7 +42,7 @@
upload: public/(.*)/index.html
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com scone-pa.clients6.google.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com gstatic.com tagmanager.google.com;"
- url: /.*
secure: always
