+18
netlify.toml
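--- a/netlify.toml
+++ b/netlify.toml
@@ -23,3 +23,21 @@
 for = "/.well-known/*"
 [headers.values]
 Access-Control-Allow-Origin = "*"
+
+[[headers]]
+for = "/*"
+[headers.values]
+Content-Security-Policy = """
+default-src 'self';
+script-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com;
+style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;
+font-src 'self' https://fonts.gstatic.com;
+img-src 'self' data: https:;
+connect-src 'self' https://bsky.social https://*.bsky.network;
+frame-ancestors 'none';
+base-uri 'self';
+form-action 'self';
+"""
+X-Frame-Options = "DENY"
+X-Content-Type-Options = "nosniff"
+Referrer-Policy = "strict-origin-when-cross-origin"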
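Review bot: The `script-src` line in the new `Content-Security-Policy` value allows `'unsafe-inline'` and every script hosted on `https://cdnjs.cloudflare.com`, so the policy would not stop an injected inline script and trusts far more third-party code than the site presumably loads. If the inline scripts are static, listing their hashes and narrowing the CDN source to the library path actually used would keep the policy meaningful, e.g. `script-src 'self' 'sha256-<HASH_OF_INLINE_SCRIPT>' https://cdnjs.cloudflare.com/ajax/libs/<LIBRARY>/<VERSION>/;`, ideally with `integrity` attributes on the CDN `<script>` tags. The value is a multi-line basic string, so its line breaks are part of the string; it is worth checking the deployed response headers to confirm the policy arrives as a single header carrying all nine directives. A short comment above the key saying which page features still need `'unsafe-inline'` in `style-src` would help whoever tightens the policy next.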