Git-Mirrors/privacyguides.org
1
0
Fork 0
mirror of https://github.com/privacyguides/privacyguides.org.git synced 2025-01-31 18:23:24 -05:00
Code Issues Packages Projects Releases Wiki Activity

Configure HTTP Headers (#2021)

Browse Source
This commit is contained in:
Jonah Aragon 2023-02-24 10:17:46 -06:00
parent 23b7effac9
commit 561f6a7463
No known key found for this signature in database
2 changed files with 16 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
mkdocs.production.yml
View File

@ -2,10 +2,8 @@ INHERIT: mkdocs.yml
plugins: plugins:
meta: {} meta: {}
privacy: privacy:
external_assets_exclude: external_assets_exclude: ['https://cdn.jsdelivr.net/npm/mathjax@3/*', 'https://api.privacyguides.net/*']
- cdn.jsdelivr.net/npm/mathjax@3/* external_links_noopener: true
- api.privacyguides.net/*
- giscus.app/*
git-committers: git-committers:
enabled: !ENV [PRODUCTION, false] enabled: !ENV [PRODUCTION, false]
repository: privacyguides/privacyguides.org repository: privacyguides/privacyguides.org

14
netlify.toml
View File

@ -5,6 +5,20 @@
[context.production.environment] [context.production.environment]
PRODUCTION = "true" PRODUCTION = "true"
[[headers]]
for = "/*"
[headers.values]
X-Frame-Options = "DENY"
X-XSS-Protection = "0"
X-Content-Type-Options = "nosniff"
Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"
Content-Security-Policy = "default-src 'none'; script-src https://www.privacyguides.org https://api.privacyguides.net 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; img-src data: 'self'; connect-src https://api.github.com https://api.privacyguides.net 'self'"
[[headers]]
for = "/about/donate/"
[headers.values]
Content-Security-Policy = "default-src 'none'; script-src https://opencollective.com https://www.privacyguides.org https://api.privacyguides.net 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; img-src https://opencollective.com data: 'self'; connect-src https://api.github.com https://api.privacyguides.net 'self'; frame-src https://opencollective.com"
[[redirects]] [[redirects]]
from = "/.well-known/matrix/*" from = "/.well-known/matrix/*"
to = "https://matrix.privacyguides.org/.well-known/matrix/:splat" to = "https://matrix.privacyguides.org/.well-known/matrix/:splat"