From 1cf880cec794607e2706e72224cc793ddb960666 Mon Sep 17 00:00:00 2001
From: mat ess
Date: Thu, 20 Oct 2022 20:41:03 -0400
Subject: [PATCH] Add context.production
---
 netlify.toml | 73 ++++++++++++++++++++++++++--------------------------
 1 file changed, 37 insertions(+), 36 deletions(-)
diff --git a/netlify.toml b/netlify.toml
index 610c40d..bcecf8b 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -7,44 +7,45 @@ publish = "public/" port = 1111 -[[redirects]] - from = "https://mat-services.netlify.app/*" - to = "https://mat.services/:splat" - force = true +[context.production] + [[redirects]] + from = "https://mat-services.netlify.app/*" + to = "https://mat.services/:splat" + force = true -[[headers]] - for = "/*" + [[headers]] + for = "/*" - [headers.values] - # disable FLoC tracking - Permissions-Policy = "interest-cohort=()" - # enable HSTS - Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload" - # disable clients from sniffing the media type - X-Content-Type-Options = "nosniff" - # clickjacking protection - X-Frame-Options = "DENY" - # keep referrer data off of HTTP connections - Referrer-Policy = "no-referrer" - # content security policy - # style-src 'unsafe-inline': syntax highlighting in codefences - # sandbox allow-popups: enable target="_blank" links to open in new tabs - Content-Security-Policy = ''' - default-src 'none'; - img-src 'self' https://mat.services https://stats.mat.services; - style-src 'self' https://mat.services 'unsafe-inline'; - font-src 'self' https://mat.services; - script-src 'self' https://mat.services https://stats.mat.services; - form-action 'none'; - frame-ancestors 'none'; - base-uri 'none'; - upgrade-insecure-requests; - sandbox - allow-same-origin - allow-scripts - allow-popups - allow-popups-to-escape-sandbox - ''' + [headers.values] + # disable FLoC tracking + Permissions-Policy = "interest-cohort=()" + # enable HSTS + Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload" + # disable clients from sniffing the media type + X-Content-Type-Options = "nosniff" + # clickjacking protection + X-Frame-Options = "DENY" + # keep referrer data off of HTTP connections + Referrer-Policy = "no-referrer" + # content security policy + # style-src 'unsafe-inline': syntax highlighting in codefences + # sandbox allow-popups: enable target="_blank" links to open in new tabs + 
Content-Security-Policy = ''' + default-src 'none'; + img-src 'self' https://mat.services https://stats.mat.services; + style-src 'self' https://mat.services 'unsafe-inline'; + font-src 'self' https://mat.services; + script-src 'self' https://mat.services https://stats.mat.services; + form-action 'none'; + frame-ancestors 'none'; + base-uri 'none'; + upgrade-insecure-requests; + sandbox + allow-same-origin + allow-scripts + allow-popups + allow-popups-to-escape-sandbox + ''' [context.deploy-preview] [[headers]]
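Review bot: The `[[redirects]]` and `[[headers]]` entries are still root-level arrays of tables after this change, because TOML ignores indentation and a `[[headers]]` header is not nested under the `[context.production]` line that precedes it; `[context.production]` itself ends up as an empty table. The same holds for the `[[headers]]` that follows `[context.deploy-preview]` in the trailing context, so both header sets most likely land in one global `headers` list instead of being scoped per deploy context (the preview values are outside the hunk, so whether they relax the CSP cannot be seen here). Nesting in TOML needs the qualified form, e.g. `[[context.production.headers]]` with `[context.production.headers.values]`, and whether Netlify honours headers and redirects under a context key should be confirmed in its documentation; as far as I recall, Netlify applies `netlify.toml` headers and redirects globally and expects per-deploy rules in `_headers` / `_redirects` files. Either way, compare the response headers of a production deploy and a preview deploy to confirm that the strict `Content-Security-Policy`, `Strict-Transport-Security` and `X-Frame-Options` values are the ones actually served in production.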