From edfec31a52c4548100ba845dc16df4c046f59042 Mon Sep 17 00:00:00 2001
From: Alan Pearce
Date: Sat, 2 Sep 2023 18:39:05 +0200
Subject: Configure headers for netlify
---
 netlify.toml | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/netlify.toml b/netlify.toml
index 112bf78..422ca3b 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -13,3 +13,13 @@ ZOLA_VERSION = "0.17.2"

 [context.deploy-preview]
 command = "zola build --base-url $DEPLOY_PRIME_URL"
+
+[[headers]]
+ for = "/*"
+ [headers.values]
+ X-Frame-Options = "DENY"
+ X-Content-Type-Options = "nosniff"
+ X-XSS-Protection = "1; mode=block"
+ Referrer-Policy = "strict-origin-when-cross-origin"
+ Strict-Transport-Security = "max-age=63072000; includeSubdomains"
+ Content-Security-Policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'unsafe-inline'; frame-ancestors 'none'"
--
cgit 1.4.1
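Review bot: The `Content-Security-Policy` value in the new `[headers.values]` table leaves `base-uri` and `form-action` unrestricted, because neither directive falls back to `default-src`, so `<base>` and `<form>` elements are not constrained by this policy. Appending `; base-uri 'none'; form-action 'self'` (or `form-action 'none'` if the site has no forms, which the hunk does not show) would close that gap. `X-XSS-Protection = "1; mode=block"` turns on a legacy browser filter that current browsers have removed and that OWASP guidance recommends disabling; with `script-src 'none'` already in place, `X-XSS-Protection = "0"` or dropping the key is the safer setting. `style-src 'unsafe-inline'` allows any inline style, so a comment above the key such as `# inline styles only; no external stylesheets are loaded` would record why the relaxation is there, and the two-year `includeSubdomains` HSTS value deserves a note confirming that every subdomain is served over HTTPS.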