michi.vonah/website-v2
1
0
Fork 0
mirror of https://github.com/michivonah/website-v2.git synced 2025-12-22 20:46:29 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
website-v2/_headers
michivonah aecd92b2f5 changes to CSP Header
2024-09-07 20:41:31 +02:00

12 lines
No EOL
850 B
Text
Raw Blame History

/
Content-Security-Policy: default-src 'self' michivonah.ch data.mchvnh.ch; script-src 'self' 'unsafe-inline' unpkg.com data.mchvnh.ch; style-src 'self' 'unsafe-inline' unpkg.com michivonah.ch fonts.googleapis.com; img-src 'self' michivonah.ch; font-src 'self' unpkg.com fonts.googleapis.com fonts.gstatic.com; upgrade-insecure-requests
Permissions-Policy: accelerometer=(), autoplay=(), display-capture=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Referrer-Policy: origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Origin: *
Reference in a new issue View git blame Copy permalink