mirror of
https://git.sr.ht/~seirdy/seirdy.one
synced 2024-12-24 01:42:10 +00:00
Hugo config: no server headers
I'd rather use an actual web server to test this.
This commit is contained in:
parent
41d5ea1b4d
commit
85287c68c1
1 changed files with 1 additions and 21 deletions
22
config.toml
22
config.toml
|
@ -102,7 +102,7 @@ excludeSources = [
|
|||
]
|
||||
|
||||
# addresses that we don't want to send webmentions to
|
||||
# other schemes and stuff that's I link to too often
|
||||
# other schemes and stuff that I link to too often
|
||||
excludeDestinations = [
|
||||
"mailto:",
|
||||
"gemini:",
|
||||
|
@ -111,23 +111,3 @@ excludeDestinations = [
|
|||
"https://useplaintext.email/",
|
||||
"https://seirdy.one",
|
||||
]
|
||||
|
||||
[server]
|
||||
[[server.headers]]
|
||||
for = "/**.{css,png,webp,webm}"
|
||||
[server.headers.values]
|
||||
X-Content-Type-Options = "nosniff"
|
||||
Strict-Transport-Security = "max-age=31536000; includeSubDomains; preload"
|
||||
Cache-Control = "max-age=31557600, immutable"
|
||||
[[server.headers]]
|
||||
for = "/**"
|
||||
[server.headers.values]
|
||||
X-Content-Type-Options = "nosniff"
|
||||
Strict-Transport-Security = "max-age=31536000; includeSubDomains; preload"
|
||||
Referrer-Policy = "no-referrer"
|
||||
X-XSS-Protection = "1; mode=block"
|
||||
X-FROG-UNSAFE = "1"
|
||||
X-UA-Compatible = "IE=edge"
|
||||
Content-Security-Policy = "default-src 'none'; img-src 'self' https://seirdy.one data:; style-src 'unsafe-inline'; script-src 'self'; frame-ancestors 'none'; base-uri 'none'; form-action 'none'; manifest-src 'self'; upgrade-insecure-requests;"
|
||||
Permissions-Policy = "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()"
|
||||
Cache-Control = "max-age=120, no-transform"
|
||||
|
|
Loading…
Reference in a new issue