motiejus/e11sync
1
Fork 0
Code

CSP

Browse Source
This commit is contained in:
Motiejus Jakštys 2024-01-28 23:18:30 +02:00
parent 4891305c29
commit c768ef7a44
1 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
pkgs/e11sync-caddyfile.nix
View File

@ -7,23 +7,24 @@ writeTextFile {
name = "e11sync-caddyfile"; name = "e11sync-caddyfile";
text = '' text = ''
@addSlash path /static /blog /contact @addSlash path /static /blog /contact
route @addSlash { route @addSlash {
redir {uri}/ 302 redir {uri}/ 302
} }
header /static/* Cache-Control "public, max-age=31536000, immutable" header /static/* Cache-Control "public, max-age=31536000, immutable"
header {
Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; script-src 'self'; frame-ancestors 'none'"
Cross-Origin-Opener-Policy same-origin
Referrer-Policy same-origin
X-Content-Type-Options nosniff
-X-Frame-Options
-Last-Modified
}
@staticRoutes path /static/* /contact/* /blog/* @staticRoutes path /static/* /contact/* /blog/*
route @staticRoutes { route @staticRoutes {
header {
Cross-Origin-Opener-Policy same-origin
Referrer-Policy same-origin
X-Content-Type-Options nosniff
X-Frame-Options DENY
-Last-Modified
}
file_server * { file_server * {
root ${e11sync-static} root ${e11sync-static}
precompressed br gzip precompressed br gzip