Skip to content

Instantly share code, notes, and snippets.

@harisec
Created May 24, 2019 07:02
Show Gist options
  • Save harisec/a69297509974361f21c4dbfd1ea12a78 to your computer and use it in GitHub Desktop.
Save harisec/a69297509974361f21c4dbfd1ea12a78 to your computer and use it in GitHub Desktop.
connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://smdhdsnappytv-vh.akamaihd.net https://smpdhdsnappytv-vh.akamaihd.net https://smmdhdsnappytv-vh.akamaihd.net https://rmdhdsnappytv-vh.akamaihd.net https://rmpdhdsnappytv-vh.akamaihd.net https://rmmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ;
default-src 'self';
form-action 'self' https://twitter.com https://*.twitter.com;
font-src 'self' https://*.twimg.com;
frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ;
img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv;
manifest-src 'self';
media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://smdhdsnappytv-vh.akamaihd.net https://smpdhdsnappytv-vh.akamaihd.net https://smmdhdsnappytv-vh.akamaihd.net https://rmdhdsnappytv-vh.akamaihd.net https://rmpdhdsnappytv-vh.akamaihd.net https://rmmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net;
object-src 'none';
script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com 'nonce-ODUyODRmZDAtMGIyNC00YTE1LWI5YzYtNzgwNDQ3ZTVkOWFi';
style-src 'self' 'unsafe-inline' https://*.twimg.com;
report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment