diff options
author | Sebastian Pech <windows@spech.de> | 2019-12-08 16:45:15 +0300 |
---|---|---|
committer | Sebastian Pech <windows@spech.de> | 2019-12-08 16:45:15 +0300 |
commit | 3c62553b21d7dc938fce8e8b1bcb2f8f5a2a9f9e (patch) | |
tree | d65ffcef486b36416242e8b300974d2d62821ee1 | |
parent | 601b3ed34e0c4608b3b7cc16215a2ae83b6751c4 (diff) |
Minor htaccess changes
-rw-r--r-- | static/.htaccess | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/static/.htaccess b/static/.htaccess index 132e09e..c2a3615 100644 --- a/static/.htaccess +++ b/static/.htaccess @@ -22,13 +22,13 @@ ErrorDocument 404 /404.html # HSTS Header set Strict-Transport-Security "max-age=31536000" # Block site from being framed with X-Frame-Options and CSP -#Header set Content-Security-Policy "frame-ancestors 'self';" +# Header set Content-Security-Policy "frame-ancestors 'self';" Header append X-Frame-Options: DENY # Prevent browsers from incorrectly detecting non-scripts as scripts Header append X-Content-Type-Options: nosniff # Content Security Policy # Don't implement the above policy yet; instead just report violations that would have occured -#Header set Content-Security-Policy-Report-Only: "default-src https: 'unsafe-eval' 'unsafe-inline' data:; img-src * data:; object-src 'none'; frame-src 'self' *.google.de google.de *.google.com google.com; font-src * https: data:; frame-ancestors 'self';" +# Header set Content-Security-Policy-Report-Only: "default-src https: 'unsafe-eval' 'unsafe-inline' data:; img-src * data:; object-src 'none'; frame-src 'self' *.google.de google.de *.google.com google.com; font-src * https: data:; frame-ancestors 'self';" Header set Content-Security-Policy: "default-src https: 'unsafe-eval' 'unsafe-inline' data:; img-src * data:; object-src 'none'; frame-src 'self' *.google.de google.de *.google.com google.com; font-src * data:; frame-ancestors 'self';" # Active GZIP compression @@ -58,7 +58,6 @@ SetOutputFilter DEFLATE # Browser Caching <IfModule mod_expires.c> - ExpiresActive on ExpiresDefault "access plus 1 month" |