config: update content security headers
This commit is contained in:
parent
64efe3ff00
commit
588b1d905e
|
@ -2,7 +2,7 @@
|
||||||
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
|
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
|
||||||
X-Content-Type-Options: nosniff
|
X-Content-Type-Options: nosniff
|
||||||
X-XSS-Protection: 1; mode=block
|
X-XSS-Protection: 1; mode=block
|
||||||
Content-Security-Policy: default-src 'self'; frame-ancestors https://jamstackthemes.dev; manifest-src 'self'; connect-src 'self'; font-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline'; style-src 'self'
|
Content-Security-Policy: default-src 'self'; frame-ancestors https://jamstackthemes.dev; manifest-src 'self'; connect-src 'self'; font-src 'self'; img-src 'self' data:; script-src 'self'; style-src 'self'
|
||||||
X-Frame-Options: SAMEORIGIN
|
X-Frame-Options: SAMEORIGIN
|
||||||
Referrer-Policy: strict-origin
|
Referrer-Policy: strict-origin
|
||||||
Feature-Policy: geolocation 'self'
|
Feature-Policy: geolocation 'self'
|
||||||
|
|
Loading…
Reference in New Issue