1.3 KiB
1.3 KiB
| title | description | lead | date | lastmod | draft | images | menu | weight | toc | ||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Security | Get A+ scores on Mozilla Observatory out of the box. Easily change the default Security Headers to suit your needs. | Get A+ scores on <a href="https://observatory.mozilla.org/analyze/hyas.netlify.app">Mozilla Observatory</a> out of the box. Easily change the default Security Headers to suit your needs. | 2020-09-17T13:48:09+02:00 | 2020-09-17T13:48:09+02:00 | false |
|
210 | true |
Security Headers
./layouts/index.headers excerpt:
/*
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'none'; manifest-src 'self'; connect-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin
See also: [Headers]({{< ref "netlify#headers" >}}).
Content Security Policy
💡 Laboratory is an experimental Firefox extension that helps you generate a Content Security Policy (CSP) header for your website.
Subresource Integrity
Subresource Integrity is implemented with Hugo on styles and scripts.