From 2d7584648d8bdff3f4e4fe475496d9aa003239d2 Mon Sep 17 00:00:00 2001 From: mihaisc Date: Mon, 29 Aug 2022 18:19:21 +0300 Subject: [PATCH] Fix headers (#1663) * test * test * test * test * test * test * test --- netlify.toml | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 netlify.toml diff --git a/netlify.toml b/netlify.toml new file mode 100644 index 000000000..f82df6dc8 --- /dev/null +++ b/netlify.toml @@ -0,0 +1,11 @@ +[[headers]] + for = "/_next/image/*" + + [headers.values] + Content-Security-Policy= "upgrade-insecure-requests" + Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload" + X-XSS-Protection = "1; mode=block" + X-Frame-Options = "DENY" + X-Content-Type-Options = "nosniff" + Referrer-Policy = "strict-origin-when-cross-origin" + Permissions-Policy= "accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self), clipboard-read=(self), clipboard-write=(self), gamepad=(self), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)"