2022-09-02 06:33:32 -04:00
|
|
|
/
|
2023-11-05 05:22:48 -05:00
|
|
|
Strict-Transport-Security : max-age=63072000; includeSubDomains; preload
|
|
|
|
Content-Security-Policy : default-src 'self'; font-src 'self' fonts.gstatic.com; style-src 'self' fonts.googleapis.com; script-src 'self' 'unsafe-inline'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'none'
|
2022-09-02 06:33:32 -04:00
|
|
|
X-Content-Type-Options : nosniff
|
|
|
|
Referrer-Policy : no-referrer
|
|
|
|
X-Frame-Options : DENY
|
|
|
|
X-XSS-Protection : 0
|
2023-11-07 02:51:13 -05:00
|
|
|
Permissions-Policy : accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), browsing-topics=(), camera=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), sync-xhr=(), xr-spatial-tracking=()
|
2023-11-05 05:22:48 -05:00
|
|
|
Cross-Origin-Opener-Policy : same-origin
|
|
|
|
Cross-Origin-Embedder-Policy : require-corp
|
2022-09-02 06:33:32 -04:00
|
|
|
Cross-Origin-Resource-Policy : same-origin
|
|
|
|
|
2023-11-27 13:25:23 -05:00
|
|
|
/.well-known/matrix/*
|
2022-09-02 06:33:32 -04:00
|
|
|
Access-Control-Allow-Origin : *
|
|
|
|
Content-Type : application/json
|
2023-11-05 05:22:48 -05:00
|
|
|
|
|
|
|
/.well-known/openpgpkey/hu/*
|
|
|
|
Access-Control-Allow-Origin: *
|