achat-maison-albi-fr/vercel.json
Emil Gulamov e8a16def34 Refactor file structure and enhance security headers
Removed blog and product pages and moved their contents to new blog and product directories, respectively. Added a new 404 error page for invalid routes. Updated server configurations in 'vercel.json' to leverage additional security by adding 'cdnjs.cloudflare.com' to Content-Security-Policy headers.
2024-02-15 18:42:07 +04:00

41 lines
No EOL
1.3 KiB
JSON

{
"headers": [
{
"source": "/(.*)",
"headers": [
{
"key": "Content-Security-Policy",
"value": "default-src 'self'; base-uri 'self'; form-action 'self'; frame-src 'self'; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://images.unsplash.com; connect-src 'self'; object-src 'none'; upgrade-insecure-requests; block-all-mixed-content"
},
{
"key": "Permissions-Policy",
"value": "interest-cohort=()"
},
{
"key": "Referrer-Policy",
"value": "no-referrer-when-downgrade"
},
{
"key": "X-Content-Type-Options",
"value": "nosniff"
},
{
"key": "X-Frame-Options",
"value": "SAMEORIGIN"
},
{
"key": "X-XSS-Protection",
"value": "1; mode=block"
},
{
"key": "Cache-Control",
"value": "public, max-age=0, must-revalidate"
},
{
"key": "Strict-Transport-Security",
"value": "max-age=31536000; includeSubDomains; preload"
}
]
}
]
}