removed .htaccess updated README.md
Some checks failed
continuous-integration/drone/push Build is failing
Some checks failed
continuous-integration/drone/push Build is failing
This commit is contained in:
parent
f763e6dd84
commit
8b823276d4
2 changed files with 15 additions and 7 deletions
14
README.md
14
README.md
|
@ -6,3 +6,17 @@ Website for samuel-philipp.de
|
|||
|
||||
[GitHub](https://github.com/samuel-p/samuel-philipp.de)
|
||||
[GitLab](https://gitlab.com/samuel-p/samuel-philipp.de)
|
||||
|
||||
## Additional Header Parameters
|
||||
|
||||
The following Parameters are set directly on the Web-Server.
|
||||
|
||||
```
|
||||
Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; font-src 'self'
|
||||
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
|
||||
X-Content-Type-Options: nosniff
|
||||
X-Frame-Options: DENY
|
||||
X-XSS-Protection: 1; mode=block
|
||||
```
|
||||
|
||||
There is also a `301` Redirect from http to https.
|
|
@ -1,6 +0,0 @@
|
|||
RewriteEngine On
|
||||
|
||||
Header always set "Content-Security-Policy" "default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'"
|
||||
|
||||
RewriteCond %{HTTPS} off
|
||||
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
|
Loading…
Reference in a new issue