dominic/web-maintenance
1
0
Fork 0
Code Issues Pull requests Releases Activity

update netlify.toml (headers)

Browse source
This commit is contained in:
Dominic Reich 2019-03-16 20:16:32 +01:00
parent c2e819acf3
commit 01857e939f
No known key found for this signature in database
GPG key ID: 2664FE98B15DDE4F
1 changed files with 13 additions and 2 deletions

15
netlify.toml
View file

@ -6,7 +6,18 @@
for = "/*" for = "/*"
[headers.values] [headers.values]
Strict-Transport-Security = "max-age=31536000; includeSubDomains; preload" Strict-Transport-Security = "max-age=31536000; includeSubDomains; preload"
Cache-Control = "public, max-age=31536000"
Referrer-Policy = "strict-origin-when-cross-origin"
X-Content-Type-Options = "nosniff"
X-Frame-Options = "DENY" X-Frame-Options = "DENY"
X-XSS-Protection = "1; mode=block" X-XSS-Protection = "1; mode=block"
Referrer-Policy = "no-referrer" # Referrer-Policy = "no-referrer"
X-Content-Type-Options = "nosniff" Access-Control-Allow-Origin = "*"
Vary = "Accept-Encoding"
Access-Control-Allow-Credentials = "true"
Feature-Policy = "geolocation 'self' https://mademistakes.com; autoplay 'none'; lazyload 'self' https://mademistakes.com; sync-xhr 'self' https://mademistakes.com"
[[headers]]
for = "/assets/*"
[headers.values]
Cache-Control = "public, max-age=31536000"