-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathnetlify.toml
9 lines (9 loc) · 1.11 KB
/
netlify.toml
1
2
3
4
5
6
7
8
9
[[headers]]
for = "/*"
[headers.values]
SameSite = "Lax"
Referrer-Policy = "strict-origin-when-cross-origin"
Content-Security-Policy = "default-src 'self' *.cloudinary.com res.cloudinary.com; script-src 'self' *.google-analytics.com *.logrocket.com *.lr-in.com; worker-src 'self' blob: data: lr-ingest.io *.lr-ingest.io; prefetch-src 'self'; connect-src 'self' r.lr-in.com lr-ingest.io *.lr-ingest.io google-analytics.com *.google-analytics.com; img-src 'self' data: cloudfront.net *.cloudfront.net cloudinary.com *.cloudinary.com; font-src 'unsafe-inline' gstatic.com *.gstatic.com cloudfront.net *.cloudfront.net; manifest-src 'self'; style-src 'unsafe-inline' *.netlify.app dnjs.cloudflare.com googleapis.com *.googleapis.com cloudfront.net *.cloudfront.net; frame-ancestors 'self'; form-action 'self'; script-src-elem 'self' 'unsafe-inline' lr-ingest.io *.lr-ingest.io cloudfront.net *.cloudfront.net googletagmanager.com *.googletagmanager.com google-analytics.com *.google-analytics.com *.logrocket.com *.lr-in.com"
X-Frame-Options = "SAMEORIGIN"
X-XSS-Protection = "0"
X-Content-Type-Options = "nosniff"