More template fixes

This commit is contained in:
Thomas Sileo 2022-07-15 20:16:02 +02:00
parent d38fec6570
commit 0d3b41272f
3 changed files with 6 additions and 5 deletions

View file

@ -128,9 +128,9 @@ class CustomMiddleware:
headers["x-xss-protection"] = "1; mode=block"
headers["x-frame-options"] = "SAMEORIGIN"
# TODO(ts): disallow inline CSS?
headers["content-security-policy"] = (
"default-src 'self'" + " style-src 'self' 'unsafe-inline';"
)
headers[
"content-security-policy"
] = "default-src 'self' style-src 'unsafe-inline';"
if not DEBUG:
headers[
"strict-transport-security"

View file

@ -18,7 +18,7 @@
<a href="{{ url_for }}" {% if request.url.path == url_for %}class="active"{% endif %}>{{ text }}</a>
{% endmacro %}
<div style="margin:30px 0;">
<div style="margin:30px 0 0 0;">
<nav class="flexbox">
<ul>
<li>{{ header_link("index", "Notes") }}</li>
@ -27,6 +27,7 @@
<li>{{ header_link("get_remote_follow", "Remote follow") }}</li>
</ul>
</nav>
</div>
</header>

View file

@ -272,7 +272,7 @@
<div><a href="{{ object.url }}"{% if object.is_from_inbox %} rel="nofollow"{% endif %} class="object-permalink u-url u-uid">permalink</a></div>
</li>
<li>
<time class="dt-published" datetime="{{ object.ap_published_at }}" title="{{ object.ap_published_at.isoformat() }}">{{ object.ap_published_at | timeago }}</time>
<time class="dt-published" datetime="{{ object.ap_published_at.replace(microsecond=0).isoformat() }}" title="{{ object.ap_published_at.replace(microsecond=0).isoformat() }}">{{ object.ap_published_at | timeago }}</time>
</li>
{% if is_admin %}
<li>