authorAlan Pearce2023-09-16 12:58:25 +0200
committerAlan Pearce2023-09-16 12:58:25 +0200
commitf91b21742c5f6880e56ae96e1bd94861d217b101 (patch)
treeada912978979900f323af61d58cb9cef957c2df8
parentd449cf9a9c53af439e23f46770d33b6c2f25a659 (diff)
downloadwebsite-f91b21742c5f6880e56ae96e1bd94861d217b101.tar.lz
website-f91b21742c5f6880e56ae96e1bd94861d217b101.tar.zst
website-f91b21742c5f6880e56ae96e1bd94861d217b101.zip
Send HSTS header from Fly proxy
Bun seems to eat this header otherwise
-rw-r--r--config.toml3
-rw-r--r--fly.toml2
2 files changed, 3 insertions, 2 deletions
diff --git a/config.toml b/config.toml
index 7dbffcc..f7ec542 100644
--- a/config.toml
+++ b/config.toml
@@ -28,8 +28,7 @@ webserver_sends_csp_headers = true
 [extra.headers]
 cache-control = "max-age=14400"
 x-content-type-options = "nosniff"
-strict-transport-security = "max-age=31536000; includeSubdomains; preload"
-content-security-policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'self'; style-src 'unsafe-inline'; form-action 'none'; base-uri 'self'"
+content-security-policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'self'; style-src 'unsafe-inline'; form-action 'none'; base-uri 'self'; frame-ancestors https://kagi.com;"
 
 [[extra.main_menu]]
     name = "Posts"
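Review bot: The added `frame-ancestors https://kagi.com;` directive on the `content-security-policy` line is not covered by the commit message, which only describes moving HSTS to the Fly proxy, and nothing in the file says why that one origin may embed the site. Because `frame-ancestors` does not fall back to `default-src`, this is the only visible line controlling who can frame these pages, so a comment above the key such as `# frame-ancestors: only kagi.com may embed these pages (<reason>)` would keep a later edit from widening it by accident. Dropping `strict-transport-security` from `[extra.headers]` also means HSTS is absent whenever the site is served without the Fly proxy in front; presumably that is intended, but it deserves a one-line note next to the table.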
diff --git a/fly.toml b/fly.toml
index d58112b..6d8757f 100644
--- a/fly.toml
+++ b/fly.toml
@@ -19,3 +19,5 @@ primary_region = "ams"
   auto_start_machines = true
   min_machines_running = 3
   processes = ["app"]
+[http_service.http_options.response.headers]
+  Strict-Transport-Security = "max-age=31536000; includeSubdomains; preload"
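Review bot: The new `[http_service.http_options.response.headers]` table has no comment explaining why HSTS lives in fly.toml rather than with the other security headers in config.toml; the reason exists only in the commit message. I would add `# HSTS is set at the Fly proxy because the header sent by the app (Bun) did not reach clients` above the table header. A blank line before the header would also help, assuming the rest of the file separates tables that way, since the file starts outside the hunk. Because the value keeps `includeSubdomains; preload`, confirm after deploy that HTTPS responses from the proxy, including redirects and error pages, carry exactly one `Strict-Transport-Security` header.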