From f91b21742c5f6880e56ae96e1bd94861d217b101 Mon Sep 17 00:00:00 2001
From: Alan Pearce
Date: Sat, 16 Sep 2023 12:58:25 +0200
Subject: Send HSTS header from Fly proxy

Bun seems to eat this header otherwise
---
 config.toml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'config.toml')

diff --git a/config.toml b/config.toml
index 7dbffcc..f7ec542 100644
--- a/config.toml
+++ b/config.toml
@@ -28,8 +28,7 @@ webserver_sends_csp_headers = true
 [extra.headers]
 cache-control = "max-age=14400"
 x-content-type-options = "nosniff"
-strict-transport-security = "max-age=31536000; includeSubdomains; preload"
-content-security-policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'self'; style-src 'unsafe-inline'; form-action 'none'; base-uri 'self'"
+content-security-policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'self'; style-src 'unsafe-inline'; form-action 'none'; base-uri 'self'; frame-ancestors https://kagi.com;"
 
 [[extra.main_menu]]
     name = "Posts"
-- 
cgit 1.4.1