CSP
This commit is contained in:
parent
4891305c29
commit
c768ef7a44
|
@ -7,23 +7,24 @@ writeTextFile {
|
|||
name = "e11sync-caddyfile";
|
||||
text = ''
|
||||
@addSlash path /static /blog /contact
|
||||
|
||||
route @addSlash {
|
||||
redir {uri}/ 302
|
||||
}
|
||||
|
||||
header /static/* Cache-Control "public, max-age=31536000, immutable"
|
||||
|
||||
@staticRoutes path /static/* /contact/* /blog/*
|
||||
route @staticRoutes {
|
||||
header {
|
||||
Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; script-src 'self'; frame-ancestors 'none'"
|
||||
Cross-Origin-Opener-Policy same-origin
|
||||
Referrer-Policy same-origin
|
||||
X-Content-Type-Options nosniff
|
||||
X-Frame-Options DENY
|
||||
|
||||
-X-Frame-Options
|
||||
-Last-Modified
|
||||
}
|
||||
|
||||
@staticRoutes path /static/* /contact/* /blog/*
|
||||
route @staticRoutes {
|
||||
file_server * {
|
||||
root ${e11sync-static}
|
||||
precompressed br gzip
|
||||
|
|
Loading…
Reference in New Issue