index.headers 613 B

123456789101112131415
  1. {{- $csp_policy := site.Params.security.csp.policy | default "" -}}
  2. {{- $csp_report_only := site.Params.security.csp.report_only | default false -}}
  3. # Netlify headers
  4. # Automatically generated
  5. # Documentation: http://bit.ly/netlify-deployment
  6. /*
  7. X-Frame-Options: DENY
  8. X-XSS-Protection: 1; mode=block
  9. X-Content-Type-Options: nosniff
  10. Strict-Transport-Security: max-age=31536000; includeSubDomains
  11. {{with $csp_policy}}Content-Security-Policy{{if $csp_report_only}}-Report-Only{{end}}: {{.}}{{end}}
  12. /index.webmanifest
  13. Content-Type: application/manifest+json
  14. /index.xml
  15. Content-Type: application/rss+xml