-
Notifications
You must be signed in to change notification settings - Fork 1
/
customHttp.yml
23 lines (23 loc) · 1.26 KB
/
customHttp.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
customHeaders:
- pattern: "**/*"
headers:
- key: "Strict-Transport-Security"
value: "max-age=31536000; includeSubDomains"
- key: "Content-Security-Policy"
value: "script-src 'self'; frame-ancestors 'none'; default-src 'self'; connect-src https://rpc-mumbai.maticvigil.com/ https://ropsten.infura.io/ https://*.binance.org:8545/ https://kovan.infura.io/; base-uri 'none'; report-uri https://docs.google.com/forms/d/e/1FAIpQLSfPmChemZbG2TaGUsN1i5IPNnsFl1wBykGAZAF6Je3uWZJrRg/viewform; form-action 'none'; object-src 'none'; style-src 'self'; img-src 'self' data:"
- key: "X-Frame-Options"
value: "SAMEORIGIN"
- key: "X-Content-Type-Options"
value: "nosniff"
- key: "Referrer-Policy"
value: "same-origin"
- key: "Permissions-Policy"
value: "fullscreen=(), geolocation=()"
- key: "X-Permitted-Cross-Domain-Policies"
value: "none"
- key: "Feature-Policy"
value: "microphone 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'"
- key: "Expect-CT"
value: "enforce, max-age=31536000, report-uri='https://docs.google.com/forms/d/e/1FAIpQLSfPmChemZbG2TaGUsN1i5IPNnsFl1wBykGAZAF6Je3uWZJrRg/viewform'"
- key: "X-XSS-Protection"
value: "1; mode=block"