michi.vonah/website-v2
1
0
Fork 0
mirror of https://github.com/michivonah/website-v2.git synced 2025-12-22 20:46:29 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

add security headers

Browse source
This commit is contained in:
Michi 2024-09-07 17:43:43 +02:00
parent 00ec2abc70
commit 248a4b0e4f
1 changed files with 12 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

12
_headers Normal file
View file

@ -0,0 +1,12 @@
/
Content-Security-Policy: default-src 'self' michivonah.ch; script-src 'self' unpkg.com; style-src 'self' unpkg.com michivonah.ch fonts.googleapis.com; img-src 'self' michivonah.ch; font-src 'self' unpkg.com fonts.googleapis.com fonts.gstatic.com; upgrade-insecure-requests
Permissions-Policy: accelerometer=(), autoplay=(), display-capture=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Referrer-Policy: origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Access-Control-Allow-Origin: *