https://github.com/bramstein/csp-typekit

An example of how to use the Content Security Policy with Typekit
https://github.com/bramstein/csp-typekit

Last synced: about 1 year ago
JSON representation

An example of how to use the Content Security Policy with Typekit

• Host: GitHub
• URL: https://github.com/bramstein/csp-typekit
• Owner: bramstein
• Created: 2013-07-18T10:34:22.000Z (almost 13 years ago)
• Default Branch: master
• Last Pushed: 2014-09-09T13:20:22.000Z (almost 12 years ago)
• Last Synced: 2025-02-09T07:36:00.734Z (over 1 year ago)
• Language: JavaScript
• Size: 133 KB
• Stars: 0
• Watchers: 3
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
## Using the Content Security Policy with Typekit

This is a simple example of how to use the Content Security Policy (CSP) with Typekit. You'll need the following security policy exceptions to get Typekit to work:

    // use.typekit.net: needed for the typekit javascript

    script-src 'self' use.typekit.net;

    // 'unsafe-inline': needed for font events

    // use.typekit.net: needed for the typekit CSS

    style-src 'self' 'unsafe-inline' use.typekit.net;

    // data://: needed for embedded base64 encoded fonts

    // use.typekit.net: needed for externally loaded fonts

    font-src 'self' data://* use.typekit.net;

    // p.typekit.net: used for tracking font usage and paying foundries

    img-src 'self' p.typekit.net;