🔒️ fix(CSP): improve CSP coverage (#471)

welpo · Jan 25, 2025 · e519864 · e519864
1 parent 6445f54
commit e519864
Showing 1 changed file with 5 additions and 4 deletions.
diff --git a/templates/partials/header.html b/templates/partials/header.html
@@ -1,5 +1,10 @@
 <head>
     <meta charset="UTF-8">
+
+    {%- if macros_settings::evaluate_setting_priority(setting="enable_csp", page=page | default(value=""), section=section | default(value=""), default_global_value="true") == "true" -%}
+        {%- include "partials/content_security_policy.html" -%}
+    {%- endif -%}
+
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <meta name="base" content="{{ config.base_url | safe }}">
 
@@ -130,10 +135,6 @@
 
     <meta property="og:site_name" content="{{ config.title }}">
 
-    {%- if macros_settings::evaluate_setting_priority(setting="enable_csp", page=page | default(value=""), section=section | default(value=""), default_global_value="true") == "true" -%}
-        {%- include "partials/content_security_policy.html" -%}
-    {%- endif -%}
-
     {%- if config.extra.theme_switcher and config.extra.theme_switcher == true -%}
         {# If JavaScript is disabled, hide the button. #}
         <noscript><link rel="stylesheet" href="{{ get_url(path='no_js.css') | safe }}"/></noscript>