|
|
@ -12,7 +12,7 @@ Website for sp-codes.de |
|
|
|
The following Parameters are set directly on the Web-Server. |
|
|
|
|
|
|
|
``` |
|
|
|
Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; font-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'none' |
|
|
|
Content-Security-Policy: default-src 'none'; script-src 'self' https://plausible.sp-codes.de; object-src 'none'; style-src 'self'; img-src 'self'; media-src 'none'; frame-src 'none'; font-src 'self'; connect-src 'self' https://plausible.sp-codes.de; require-trusted-types-for 'script' |
|
|
|
Referrer-Policy: same-origin |
|
|
|
Feature-Policy: sync-xhr 'self' |
|
|
|
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload |
|
|
@ -21,4 +21,4 @@ X-Frame-Options: DENY |
|
|
|
X-XSS-Protection: 1; mode=block |
|
|
|
``` |
|
|
|
|
|
|
|
There is also a `301` Redirect from http to https. |
|
|
|
There is also a `301` Redirect from http to https. |