add cross-origin-resource-policy header
1 file changed, 1 insertion(+), 0 deletions(-)
changed files
M netlify.toml → netlify.toml
@@ -23,6 +23,7 @@ # if nothing else works # openssl dgst -sha256 -binary < templates/style.css.html | openssl enc -base64 # and paste the output after sha256- Content-Security-Policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'sha256-p5EfRIhWJi7Zh7WJil3mpIVCZvcu+zebWbMe6B0so8A='; form-action 'none'; base-uri 'self'; frame-ancestors 'none'" +Cross-Origin-Resource-Policy = "same-site" Cache-Control = ''' max-age=300, s-maxage=86400,