forked from mozilla-frontend-infra/codetribute
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathnetlify.toml
37 lines (32 loc) · 1.11 KB
/
netlify.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
[build]
command = "yarn build"
publish = "build"
[build.environment]
YARN_FLAGS = "--frozen-lockfile"
# Redirect HTTP to HTTPS
# TODO: Delete when Codetribute successfully moves to codetribute.mozilla.org
[[redirects]]
from = "http://codetribute.netlify.com/*"
to = "https://codetribute.netlify.com/:splat"
status = 301
force = true
# Redirect HTTP to HTTPS
[[redirects]]
from = "http://codetribute.mozilla.org/*"
to = "https://codetribute.mozilla.org/:splat"
status = 301
force = true
# Rule for SPA
[[redirects]]
from = "/*"
to = "/index.html"
status = 200
[[headers]]
for = "/*"
[headers.values]
X-Frame-Options = "DENY"
X-XSS-Protection = "1; mode=block"
Content-Security-Policy = "default-src 'none'; connect-src 'self' https://bugzilla-graphql-gateway.herokuapp.com https://api.github.com/graphql; script-src 'self'; font-src 'self' data:; img-src 'self'; style-src https: 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'"
Strict-Transport-Security = "max-age=31536000; includeSubDomains;"
Referrer-Policy = "no-referrer"
X-Content-Type-Options = "nosniff"