diff options
| author | Alan Pearce | 2023-09-16 12:58:25 +0200 |
|---|---|---|
| committer | Alan Pearce | 2023-09-16 12:58:25 +0200 |
| commit | f91b21742c5f6880e56ae96e1bd94861d217b101 (patch) | |
| tree | ada912978979900f323af61d58cb9cef957c2df8 /config.toml | |
| parent | d449cf9a9c53af439e23f46770d33b6c2f25a659 (diff) | |
| download | website-f91b21742c5f6880e56ae96e1bd94861d217b101.tar.lz website-f91b21742c5f6880e56ae96e1bd94861d217b101.tar.zst website-f91b21742c5f6880e56ae96e1bd94861d217b101.zip | |
Send HSTS header from Fly proxy
Bun seems to eat this header otherwise
Diffstat (limited to 'config.toml')
| -rw-r--r-- | config.toml | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/config.toml b/config.toml index 7dbffcc..f7ec542 100644 --- a/config.toml +++ b/config.toml @@ -28,8 +28,7 @@ webserver_sends_csp_headers = true [extra.headers] cache-control = "max-age=14400" x-content-type-options = "nosniff" -strict-transport-security = "max-age=31536000; includeSubdomains; preload" -content-security-policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'self'; style-src 'unsafe-inline'; form-action 'none'; base-uri 'self'" +content-security-policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'self'; style-src 'unsafe-inline'; form-action 'none'; base-uri 'self'; frame-ancestors https://kagi.com;" [[extra.main_menu]] name = "Posts" |