PrivSec-dev/privsec.dev
1
0
Fork 0
mirror of https://github.com/PrivSec-dev/privsec.dev synced 2024-11-17 03:51:35 -05:00
Code

CSP Fixes (#19)

Browse Source
This commit is contained in:
Tommy 2022-07-21 19:19:25 -04:00 committed by tommytran732
parent 7182988720
commit e71be60e17
No known key found for this signature in database
GPG Key ID: 060B29EB996BD9F2
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
netlify.toml
View File

@ -2,7 +2,7 @@
for = "/*"
[headers.values]
Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"
Content-Security-Policy = "default-src 'self'; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'"
Content-Security-Policy = "default-src 'none'; connect-src 'self'; img-src 'self'; script-src-elem 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self'; frame-src www.youtube-nocookie.com; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'"
X-Content-Type-Options = "nosniff"
Referrer-Policy = "no-referrer"
Cross-Origin-Opener-Policy = "same-origin"