[x/go.dev] update CSP with generated
Change-Id: Ide640349d91fbf09c123a9f51c10a02557ff263e
X-GoDev-Commit: 50fe7ebfc1385a6b16ffe8b6040dc0879494640e
diff --git a/go.dev/app.staging.yaml b/go.dev/app.staging.yaml
index b0ba090..9de2c7b 100644
--- a/go.dev/app.staging.yaml
+++ b/go.dev/app.staging.yaml
@@ -8,7 +8,7 @@
upload: public/index.html
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
- url: /(explore|learn)
secure: always
@@ -26,7 +26,7 @@
upload: public/(.*)
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
# Handle arbitrary paths with an index.html, special casing the trailing slash.
- url: /(.*)/
@@ -34,7 +34,7 @@
upload: public/(.*)/index.html
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
# Handle arbitrary paths with an index.html
- url: /(.*)
@@ -42,7 +42,7 @@
upload: public/(.*)/index.html
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
- url: /.*
secure: always
diff --git a/go.dev/app.yaml b/go.dev/app.yaml
index 159cd09..fc6b1b5 100644
--- a/go.dev/app.yaml
+++ b/go.dev/app.yaml
@@ -8,7 +8,7 @@
upload: public/index.html
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
- url: /(explore|learn)
secure: always
@@ -26,7 +26,7 @@
upload: public/(.*)
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
# Handle arbitrary paths with an index.html, special casing the trailing slash.
- url: /(.*)/
@@ -34,7 +34,7 @@
upload: public/(.*)/index.html
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
# Handle arbitrary paths with an index.html
- url: /(.*)
@@ -42,7 +42,7 @@
upload: public/(.*)/index.html
http_headers:
# Please use cmd/gencsp to generate this.
- Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
+ Content-Security-Policy: "connect-src https://golang.org www.google-analytics.com stats.g.doubleclick.net; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com apis.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
- url: /.*
secure: always
diff --git a/go.dev/cmd/gencsp/main.go b/go.dev/cmd/gencsp/main.go
index 6fe3e96..cd167f2 100644
--- a/go.dev/cmd/gencsp/main.go
+++ b/go.dev/cmd/gencsp/main.go
@@ -33,7 +33,7 @@
"connect-src": {
"https://golang.org",
"www.google-analytics.com",
- "https://stats.g.doubleclick.net/",
+ "stats.g.doubleclick.net",
},
"default-src": {
self,