all repos — zola-bearblog @ 3d1ea12f05332a0c414366eb50e2fcfcb3a99f2f

Port of bear blog theme to zola

add cross-origin-resource-policy header

Alan Pearce
commit

3d1ea12f05332a0c414366eb50e2fcfcb3a99f2f

parent

766f10237856b3d7eee457aa43c02417aaf44962

2 files changed, 5 insertions(+), 0 deletions(-)

jump to
M netlify.tomlnetlify.toml
@@ -23,6 +23,7 @@ # if nothing else works
 # openssl dgst -sha256 -binary < templates/style.css.html | openssl enc -base64
 # and paste the output after sha256-
 Content-Security-Policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'sha256-p5EfRIhWJi7Zh7WJil3mpIVCZvcu+zebWbMe6B0so8A='; form-action 'none'; base-uri 'self'; frame-ancestors 'none'"
+Cross-Origin-Resource-Policy = "same-site"
 Cache-Control = '''
   max-age=300,
   s-maxage=86400,
M vercel.jsonvercel.json
@@ -25,6 +25,10 @@ "key": "X-XSS-Protection",
           "value": "1; mode=block"
         },
         {
+          "key": "Cross-Origin-Resource-Policy",
+          "value": "same-site"
+        },
+        {
           "key": "Referrer-Policy",
           "value": "strict-origin-when-cross-origin"
         },