Skip to content

Commit 9932ea8

Browse files
Mosas2000Mosas2000
authored
Merge pull request #189 from Mosas2000/fix/csp-headers
fix: add CSP and security headers for frontend deployment
2 parents f2ee7c8 + 0dcf474 commit 9932ea8

1 file changed

Lines changed: 6 additions & 0 deletions

File tree

frontend/public/_headers

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,6 @@
1+
/*
2+
X-Frame-Options: DENY
3+
X-Content-Type-Options: nosniff
4+
Referrer-Policy: strict-origin-when-cross-origin
5+
Permissions-Policy: camera=(), microphone=(), geolocation=()
6+
Content-Security-Policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https://api.hiro.so https://api.mainnet.hiro.so https://api.testnet.hiro.so https://api.coingecko.com https://stacks-node-api.mainnet.stacks.co; frame-ancestors 'none'; base-uri 'self'; form-action 'self'

0 commit comments

Comments
 (0)