samuel-p/samuel-philipp.de
samuel-p/samuel-philipp.de
1
0
Fork 0
Code Issues Pull requests 7 Releases Activity Actions

removed .htaccess updated README.md
Some checks failed
continuous-integration/drone/push Build is failing
Details

Browse source
This commit is contained in:
Samuel Philipp 2019-12-18 21:44:37 +01:00
parent f763e6dd84
commit 8b823276d4
2 changed files with 15 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
README.md
View file

@ -5,4 +5,18 @@
Website for samuel-philipp.de
[GitHub](https://github.com/samuel-p/samuel-philipp.de)
[GitLab](https://gitlab.com/samuel-p/samuel-philipp.de)
[GitLab](https://gitlab.com/samuel-p/samuel-philipp.de)
## Additional Header Parameters
The following Parameters are set directly on the Web-Server.
```
Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; font-src 'self'
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
```
There is also a `301` Redirect from http to https.

6
src/.htaccess
View file

@ -1,6 +0,0 @@
RewriteEngine On
Header always set "Content-Security-Policy" "default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'"
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]