From 7c9f99038f2acc97c5c2c65e55bcfc87fe0fc126 Mon Sep 17 00:00:00 2001
From: Dominic Reich <dominic@dominicreich.com>
Date: Sat, 16 Mar 2019 20:22:00 +0100
Subject: [PATCH] update headers with CSP

---
 netlify.toml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/netlify.toml b/netlify.toml
index f072232..f197193 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -8,6 +8,7 @@
     Strict-Transport-Security = "max-age=31536000; includeSubDomains; preload"
     Cache-Control = "public, max-age=31536000"
     Referrer-Policy = "strict-origin-when-cross-origin"
+    Content-Security-Policy = "default-src https:"
     X-Content-Type-Options = "nosniff"
     X-Frame-Options = "DENY"
     X-XSS-Protection = "1; mode=block"