netlify.toml
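# Response headers sent for every path on the site.
[[headers]]
for = "/*"

# All header values live in ONE table. TOML rejects a second [headers.values]
# header under the same [[headers]] entry, and a key may be defined only once
# per table, so the two original tables and the two Content-Security-Policy
# keys are merged here.
[headers.values]
# Framing: browsers that honor CSP frame-ancestors ignore X-Frame-Options, so
# https://uniform.app can embed the site. Browsers without frame-ancestors
# support fall back to SAMEORIGIN and will refuse that embedding.
X-Frame-Options = "SAMEORIGIN"
# Legacy header for the old browser XSS auditor, which current browsers no
# longer ship. NOTE(review): current guidance is to send "0" or omit it, since
# the auditor itself could introduce flaws; value kept as the author set it.
X-XSS-Protection = "1; mode=block"
# Multi-line literal string: the line breaks are part of the value.
# Disables caching for every response matched by "/*".
cache-control = '''
max-age=0,
no-cache,
no-store,
must-revalidate'''

# Security-related headers
X-Content-Type-Options = "nosniff"
Cross-Origin-Resource-Policy = "same-origin"
Cross-Origin-Opener-Policy = "same-origin"
Cross-Origin-Embedder-Policy = "unsafe-none"
Referrer-Policy = "no-referrer"
# One year (31536000 s) and covers subdomains: every subdomain must serve HTTPS.
Strict-Transport-Security = "max-age=31536000; includeSubDomains"
# Expect-CT = "enforce, max-age=86400"
# The more complete of the two original policies is kept; its frame-ancestors
# list already includes https://uniform.app from the shorter one.
# NOTE(review): there is no default-src or script-src directive, so this policy
# does not restrict where scripts load from (only inline event-handler
# attributes, via script-src-attr 'none'). style-src allows 'unsafe-inline'
# and any https: origin.
Content-Security-Policy = "base-uri 'self'; font-src 'self'; form-action 'self'; frame-ancestors 'self' https://uniform.app; img-src 'self' https: data:; object-src 'none'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests"
Permissions-Policy = "camera=(), microphone=(), geolocation=(), payment=()"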