
feat(netlify): add security headers + configurable CSP

Adds some default security headers.

CSP is configurable via Params.security.csp.policy (string) and Params.security.csp.report_only (boolean).

To enable, add `headers` to config.toml > outputs > home

Dedicated Netlify redirects file can also now be generated from front matter `aliases` by adding `redirects` to config.toml > outputs > home, and `disableAliases = true` to config.toml.
George Cushen 4 years ago
parent
commit
2d515e5fa5
3 changed files with 41 additions and 3 deletions
  1. 17 3
      wowchemy/config.yaml
  2. 15 0
      wowchemy/layouts/index.headers
  3. 9 0
      wowchemy/layouts/index.redirects

+ 17 - 3
wowchemy/config.yaml

@@ -1,11 +1,23 @@
 mediaTypes:
   application/manifest+json:
-    suffixes:
-      - webmanifest
+    suffixes: [webmanifest]
+  text/netlify:
+    delimiter: ''
+    suffixes: ['']
 outputFormats:
   WebAppManifest:
     mediaType: application/manifest+json
     rel: manifest
+  headers:
+    baseName: _headers
+    isPlainText: true
+    mediatype: text/netlify
+    notAlternative: true
+  redirects:
+    baseName: _redirects
+    isPlainText: true
+    mediatype: text/netlify
+    notAlternative: true
 module:
   hugoVersion:
     min: '0.78.2'
@@ -25,7 +37,9 @@ module:
       target: i18n
     - source: archetypes
       target: archetypes
-taxonomies: []
 params:
   theme: minimal
   font: native
+  date_format: 'Jan 2, 2006'
+  time_format: '3:04 PM'
+  address_format: en-us
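Review bot: The two new output formats spell the media-type key `mediatype` (lines for `headers` and `redirects`) while the existing `WebAppManifest` entry directly above uses `mediaType`; Hugo appears to normalize key case so this presumably still resolves, but the mixed spelling inside one `outputFormats` block invites a copy-paste error and should be unified to `mediaType: text/netlify`. The second hunk also drops `taxonomies: []` and adds `date_format`, `time_format` and `address_format`, none of which the commit message mentions; a line in the description such as `Also removes the empty taxonomies override and adds default date/time/address formats` would make the history searchable.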

+ 15 - 0
wowchemy/layouts/index.headers

@@ -0,0 +1,15 @@
+{{- $csp_policy := site.Params.security.csp.policy | default "" -}}
+{{- $csp_report_only := site.Params.security.csp.report_only | default false -}}
+# Netlify headers
+# Automatically generated
+# Documentation: http://bit.ly/netlify-deployment
+/*
+  X-Frame-Options: DENY
+  X-XSS-Protection: 1; mode=block
+  X-Content-Type-Options: nosniff
+  Strict-Transport-Security: max-age=31536000; includeSubDomains
+  {{with $csp_policy}}Content-Security-Policy{{if $csp_report_only}}-Report-Only{{end}}: {{.}}{{end}}
+/index.webmanifest
+  Content-Type: application/manifest+json
+/index.xml
+  Content-Type: application/rss+xml
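Review bot: `X-XSS-Protection: 1; mode=block` is sent for every path, but the browser XSS auditor this enables has been removed from Chromium and was shown to leak cross-site information in the browsers that still had it, so current guidance is to disable it explicitly with `X-XSS-Protection: 0` (or omit the header) and rely on the CSP this same file makes configurable. The header set also lacks `Referrer-Policy: strict-origin-when-cross-origin`, which is cheap to add next to `X-Content-Type-Options`. The `{{.}}` substitution on the Content-Security-Policy line writes `site.Params.security.csp.policy` verbatim, so a value containing a newline would split the header block and silently end the `/*` rule; a comment above the two `$csp_*` assignments, `{{- /* policy must be a single line; report_only switches to Content-Security-Policy-Report-Only */ -}}`, would document the contract for theme users. The generated header comment links a `http://bit.ly/...` shortener; a direct `https://` documentation URL is more trustworthy in a file that is itself about security headers.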

+ 9 - 0
wowchemy/layouts/index.redirects

@@ -0,0 +1,9 @@
+# Netlify redirects
+# Automatically generated
+# Documentation: http://bit.ly/netlify-deployment
+{{- /* Note: code purposely un-indented to preserve required spacing in output. */ -}}
+{{- range $page := where site.AllPages ".Aliases" "!=" nil -}}
+{{- range $page.Aliases }}
+{{ .|relLangURL }} {{ $page.RelPermalink -}}
+{{- end }}
+{{- end -}}
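Review bot: Each alias is written into the `_redirects` rule as `{{ .|relLangURL }} {{ $page.RelPermalink -}}` with no validation, so an alias in front matter that contains a space or a `#` would presumably produce a malformed or truncated rule rather than an error; a short comment under the existing note, `{{- /* aliases must be single path segments without spaces or '#'; Netlify defaults each rule to a 301 */ -}}`, would record both the input contract and the implicit status code. Nothing de-duplicates aliases that two pages both declare, and I believe Netlify takes the first matching rule, which makes the winner depend on `site.AllPages` order; worth stating in the same comment if that behaviour is intended. The commit message says this output also requires `disableAliases = true` in config.toml, but the template itself does not mention it, so a reader of the generated file has no pointer to that prerequisite.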