1234567891011121314151617181920 |
- [[headers]]
- # Define which paths this specific [[headers]] block will cover.
- for = "/*"
- [headers.values]
- X-Frame-Options = "DENY"
- X-XSS-Protection = "1; mode=block"
- Content-Security-Policy = "base-uri 'none';block-all-mixed-content;connect-src 'none';default-src 'none';font-src https://cdn.iosprivacy.com:443;form-action 'none';frame-ancestors 'none';frame-src 'none';img-src 'self';manifest-src 'none';media-src 'none';object-src 'none';require-trusted-types-for 'script';script-src 'none';script-src-attr 'none';script-src-elem 'none';style-src 'sha256-G88i75ORFBqu9EghN21XTSLHWjwaUUrxFoXdyHbdkJo=';style-src-attr 'none';style-src-elem 'sha256-G88i75ORFBqu9EghN21XTSLHWjwaUUrxFoXdyHbdkJo=';trusted-types;upgrade-insecure-requests;worker-src 'none'"
- Feature-Policy = "accelerometer 'none';ambient-light-sensor 'none';autoplay 'none';camera 'none';display-capture 'none';document-domain 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';gyroscope 'none';layout-animations 'none';legacy-image-formats 'none';magnetometer 'none';microphone 'none';midi 'none';oversized-images 'none';payment 'none';picture-in-picture 'none';publickey-credentials 'none';speaker 'none';sync-xhr 'none';unsized-media 'none';usb 'none';vibrate 'none';vr 'none';wake-lock 'none'"
- Referrer-Policy = "no-referrer"
- Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"
- X-Content-Type-Options = "nosniff"
- X-DNS-Prefetch-Control = "off"
- Clear-Site-Data = '"cache", "cookies", "storage", "executionContexts"'
- Set-Cookie = "__Host-max-age=0; Path=/; HttpOnly; Secure; SameSite=Strict"
- Access-Control-Allow-Methods = "GET"
- Allow = "GET"
- Cross-Origin-Resource-Policy = "same-origin"
- Cross-Origin-Opener-Policy = "same-origin"
- Cross-Origin-Embedder-Policy = "require-corp"
|