Git-Mirrors/privsec.dev
1
0
Fork 0
mirror of https://github.com/PrivSec-dev/privsec.dev.git synced 2025-04-19 23:16:05 -04:00
Code Issues Packages Projects Releases Wiki Activity

Update netlify.toml

Browse Source 
Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2022-07-21 23:00:00 -04:00 committed by GitHub
parent e6f324ec6e
commit 880dcba992
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
netlify.toml
View File

@ -2,11 +2,10 @@
for = "/*"
[headers.values]
Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"
Content-Security-Policy = "default-src 'none'; connect-src 'self'; img-src 'self'; script-src-elem 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self'; frame-src www.youtube-nocookie.com; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'"
Content-Security-Policy = "default-src 'none'; connect-src 'self'; img-src 'self'; script-src-elem 'self'; style-src-elem 'self'; frame-src www.youtube-nocookie.com; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'"
X-Content-Type-Options = "nosniff"
Referrer-Policy = "no-referrer"
Cross-Origin-Opener-Policy = "same-origin"
Cross-Origin-Embedder-Policy = "require-corp"
X-Frame-Options = "DENY"
X-XSS-Protection = "0"
Permissions-Policy = "accelerometer=(), autoplay=(), camera=(), clipboard-read=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()"