🔒️ fix: prevent malformed CSP header

welpo · Feb 23, 2023 · 54ae781 · 54ae781
1 parent 5dcd605
commit 54ae781
Showing 1 changed file with 7 additions and 3 deletions.
diff --git a/templates/partials/header.html b/templates/partials/header.html
@@ -45,10 +45,14 @@
 
     <meta http-equiv="Content-Security-Policy"
     content="default-src 'self'
-    {% if config.extra.allowed_domains %}
+    {%- if config.extra.allowed_domains -%}
+    ; 
         {%- for domain in config.extra.allowed_domains -%}
-            {{ domain.directive }} {{ domain.domains | join(sep=' ') }};
+            {{ domain.directive }} {{ domain.domains | join(sep=' ') }}
+            {%- if not loop.last -%}
+            ;
+            {%- endif -%}
         {%- endfor -%}
-    {% endif %}">
+    {%- endif -%}">
 
 </head>