Git-Mirrors/privsec.dev
1
0
Fork 0
mirror of https://github.com/PrivSec-dev/privsec.dev.git synced 2025-04-19 23:16:05 -04:00
Code Issues Packages Projects Releases Wiki Activity

enable COOP/COEP

Browse Source
This commit is contained in:
Wonderfall 2022-07-30 17:23:29 +02:00
parent a43753e544
commit 58fa6c34b3
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
static/_headers
View File

@ -3,11 +3,12 @@
Content-Security-Policy : default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; frame-src https://www.youtube-nocookie.com; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'
X-Content-Type-Options : nosniff
Referrer-Policy : no-referrer
# Cross-Origin-Opener-Policy : same-origin
X-Frame-Options : DENY
X-XSS-Protection : 0
Permissions-Policy : accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), clipboard-read=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), sync-xhr=(), xr-spatial-tracking=()
Cross-Origin-Resource-Policy : same-origin
Cross-Origin-Opener-Policy : same-origin
Cross-Origin-Embedder-Policy : require-corp
/*.xml
Content-Security-Policy : default-src 'none'; img-src 'self' data: https://www.w3.org/; style-src 'self' 'unsafe-inline'; block-all-mixed-content; base-uri 'none'