From fab4a3dbae5aa57e7de685e12f20b01465fd7d26 Mon Sep 17 00:00:00 2001 From: Tommy Date: Thu, 21 Jul 2022 19:23:58 -0400 Subject: [PATCH] Update netlify.toml Signed-off-by: Tommy --- netlify.toml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/netlify.toml b/netlify.toml index b9bd19a..dcd5427 100644 --- a/netlify.toml +++ b/netlify.toml @@ -1,16 +1,16 @@ -#[[headers]] - #for = "/*" - #[headers.values] - #Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload" - #Content-Security-Policy = "default-src 'none'; connect-src 'self'; img-src 'self'; script-src-elem 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self'; frame-src www.youtube-nocookie.com; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'" +[[headers]] + for = "/*" + [headers.values] + Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload" + Content-Security-Policy = "default-src 'none'; connect-src 'self'; img-src 'self'; script-src-elem 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self'; frame-src www.youtube-nocookie.com; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'" #X-Content-Type-Options = "nosniff" - #Referrer-Policy = "no-referrer" + Referrer-Policy = "no-referrer" #Cross-Origin-Opener-Policy = "same-origin" #Cross-Origin-Embedder-Policy = "require-corp" - #X-Frame-Options = "DENY" - #X-XSS-Protection = "0" + X-Frame-Options = "DENY" + X-XSS-Protection = "0" #Permissions-Policy = "accelerometer=(), autoplay=(), camera=(), clipboard-read=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()" - #Cross-Origin-Resource-Policy = "same-origin" + Cross-Origin-Resource-Policy = "same-origin" [build.environment] HUGO_VERSION = "0.101.0"