
Add Security Headers (#1200)

Lipis 5 years ago
parent
commit
00c5823a5e
2 changed files with 29 additions and 1 deletions
  1. 27 0
      now.json
  2. 2 1
      public/index.html

+ 27 - 0
now.json

@@ -1,4 +1,31 @@
 {
+  "headers": [
+    {
+      "source": "/(.*)",
+      "headers": [
+        {
+          "key": "Access-Control-Allow-Origin",
+          "value": "*"
+        },
+        {
+          "key": "X-Content-Type-Options",
+          "value": "nosniff"
+        },
+        {
+          "key": "Feature-Policy",
+          "value": "*"
+        },
+        {
+          "key": "Referrer-Policy",
+          "value": "origin"
+        },
+        {
+          "key": "Content-Security-Policy",
+          "value": "default-src https: data: 'unsafe-inline'; connect-src https://*.excalidraw.com wss://excalidraw-socket.herokuapp.com https://excalidraw-socket.herokuapp.com"
+        }
+      ]
+    }
+  ],
   "redirects": [
     {
       "source": "/([^.]+)",
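Review bot: The `Content-Security-Policy` value puts `https:`, `data:` and `'unsafe-inline'` in `default-src` and gives no `script-src`, so those sources also apply to scripts: inline script and script from any HTTPS host remain allowed, and the policy does little against injected markup. If the app can run without inline script (not visible from this hunk), add a narrower set of directives such as `script-src 'self'; object-src 'none'; base-uri 'self'` to the value. Separately, `Feature-Policy` expects `feature allowlist` pairs, so a bare `*` names no feature and restricts nothing; a value like `camera 'none'; microphone 'none'; geolocation 'none'` would, adjusted to what the app actually uses. `Access-Control-Allow-Origin: *` on `/(.*)` relaxes cross-origin reads rather than restricting them, which is acceptable only while every path serves public, non-credentialed content.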

+ 2 - 1
public/index.html

@@ -7,10 +7,11 @@
       name="viewport"
       content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no, viewport-fit=cover, shrink-to-fit=no"
     />
+    <meta name="referrer" content="origin" />
     <meta name="apple-mobile-web-app-capable" content="yes" />
 
     <meta name="theme-color" content="#000000" />
-    <!-- prettier-ignore -->
+
     <meta
       http-equiv="origin-trial"
       content="AsyySICOnLFPHhAi+SdB6g3Cr28MuSeq3a+2k3UOUKu+ikmEjAqYHAK3HSLx4keUd1BLYUPWPYAe6F9hyuO3JwUAAABceyJvcmlnaW4iOiJodHRwczovL3d3dy5leGNhbGlkcmF3LmNvbTo0NDMiLCJmZWF0dXJlIjoiTmF0aXZlRmlsZVN5c3RlbSIsImV4cGlyeSI6MTU4OTE4MzIxMH0="
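Review bot: The `origin` policy in the added `<meta name="referrer">` still sends the site origin when a link goes from HTTPS to plain HTTP; `strict-origin` behaves the same for HTTPS destinations and sends nothing on a downgrade, i.e. `<meta name="referrer" content="strict-origin" />`. The same value is set as the `Referrer-Policy` header in `now.json` in this commit, so the two have to change together, and a short comment such as `<!-- keep in sync with Referrer-Policy in now.json -->` would keep them from drifting. The surrounding `<head>` and the `origin-trial` meta element continue outside the hunk.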