Add headers to caddy

main
mat ess 2022-08-13 00:48:18 -04:00
parent 7d3a5e35da
commit ad95f86290
1 changed files with 23 additions and 0 deletions

View File

@ -9,6 +9,7 @@ http://static-mat-services.fly.dev/ {
:8080 { :8080 {
root * /var/www root * /var/www
encode gzip
file_server file_server
handle_errors { handle_errors {
@ -18,4 +19,26 @@ http://static-mat-services.fly.dev/ {
rewrite @404 /404.html rewrite @404 /404.html
file_server file_server
} }
header {
# disable FLoC tracking
Permissions-Policy interest-cohort=()
# enable HSTS
# currently ramping up max-age as per https://hstspreload.org/
Strict-Transport-Security max-age=300; includeSubDomains
# disable clients from sniffing the media type
X-Content-Type-Options nosniff
# clickjacking protection
X-Frame-Options DENY
# keep referrer data off of HTTP connections
Referrer-Policy strict-origin-when-cross-origin
# content security policy
Content-Security-Policy "default-src 'none';
img-src 'self';
style-src https://cdn.jsdelivr.net/;
frame-ancestors 'none';
base-uri 'none';
upgrade-insecure-requests;
sandbox allow-same-origin"
}
} }