all repos — website @ a8bc8b9386275363370533fbd1d09aea3a92cb61

My website

Send HSTS header from Fly proxy

Bun seems to eat this header otherwise
Alan Pearce alan@alanpearce.eu
Sat, 16 Sep 2023 12:58:25 +0200
commit

a8bc8b9386275363370533fbd1d09aea3a92cb61

parent

04a90ab7f92d0022c9357fd3cbfe30fba29f56e2

1 files changed, 1 insertions(+), 2 deletions(-)

jump to
M config.tomlconfig.toml
@@ -20,8 +20,7 @@ [extra.headers]
 cache-control = "max-age=14400"
 x-content-type-options = "nosniff"
-strict-transport-security = "max-age=31536000; includeSubdomains; preload"
-content-security-policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'self'; style-src 'unsafe-inline'; form-action 'none'; base-uri 'self'"
+content-security-policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'self'; style-src 'unsafe-inline'; form-action 'none'; base-uri 'self'; frame-ancestors https://kagi.com;"
 
 [[extra.main_menu]]
     name = "Home"