Envoyé par lendrevi
Voir le message
Tout va bien, y a pas de dérangement.
frame-src 'self' www.gstatic.com www.google.com script-src 'self' www.google-analytics.com www.gstatic.com img-src 'self' www.google-analytics.com stats.g.doubleclick.net
<IfModule mod_headers.c> # Protection CTO (cf. plugin) #### Header always set X-Content-Type-Options "nosniff" # activation du HSTS (cf. plugin) # Indication anti-XSS pour les navigateurs (cf. plugin) #### Header always set X-XSS-Protection "1; mode=block" # Filtre sur les provenances des scripts (CSP), séparées par des espaces Header set Content-Security-Policy "base-uri 'self'" Header set Content-Security-Policy "frame-src 'self' www.google.com" Header set Referrer-Policy no-referrer-when-downgrade # Anti-clickjacking Header always set X-FRAME-OPTIONS "SAMEORIGIN" # Antivol de cookie Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure </IfModule>
# Anti-clickjacking Header always set X-FRAME-OPTIONS "SAMEORIGIN" Header set X-FRAME-OPTIONS "ALLOW-FROM www.google.com/maps/d/"
<iframe src="https://www.google.com/maps/d/embed?mid=1OK-4-67b_MiB5df-67CHpaxrLKlegL6i" alt="" width="640" height="480"></iframe>
Laisser un commentaire: