diff options
| author | Alan Pearce | 2024-07-04 21:04:29 +0200 |
|---|---|---|
| committer | Alan Pearce | 2024-07-04 21:04:29 +0200 |
| commit | 3d1ea12f05332a0c414366eb50e2fcfcb3a99f2f (patch) | |
| tree | fc0df7c74f91ce52477adba499d398cace7fe947 | |
| parent | 766f10237856b3d7eee457aa43c02417aaf44962 (diff) | |
| download | zola-bearblog-3d1ea12f05332a0c414366eb50e2fcfcb3a99f2f.tar.lz zola-bearblog-3d1ea12f05332a0c414366eb50e2fcfcb3a99f2f.tar.zst zola-bearblog-3d1ea12f05332a0c414366eb50e2fcfcb3a99f2f.zip | |
add cross-origin-resource-policy header
| -rw-r--r-- | netlify.toml | 1 | ||||
| -rw-r--r-- | vercel.json | 4 |
2 files changed, 5 insertions, 0 deletions
diff --git a/netlify.toml b/netlify.toml index ec51225..88a3cba 100644 --- a/netlify.toml +++ b/netlify.toml @@ -23,6 +23,7 @@ Strict-Transport-Security = "max-age=63072000; includeSubdomains" # openssl dgst -sha256 -binary < templates/style.css.html | openssl enc -base64 # and paste the output after sha256- Content-Security-Policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'sha256-p5EfRIhWJi7Zh7WJil3mpIVCZvcu+zebWbMe6B0so8A='; form-action 'none'; base-uri 'self'; frame-ancestors 'none'" +Cross-Origin-Resource-Policy = "same-site" Cache-Control = ''' max-age=300, s-maxage=86400, diff --git a/vercel.json b/vercel.json index c23d334..4e5615b 100644 --- a/vercel.json +++ b/vercel.json @@ -25,6 +25,10 @@ "value": "1; mode=block" }, { + "key": "Cross-Origin-Resource-Policy", + "value": "same-site" + }, + { "key": "Referrer-Policy", "value": "strict-origin-when-cross-origin" }, |