tarrien/Mastodon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update local modifications for cors and cp

Browse Source
This commit is contained in:
beatrix-bitrot
2017-05-14 20:56:30 +00:00
parent 09f7ad3614
commit 9bc593d675
2 changed files with 11 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
config/environments/production.rb
View File

@ -93,9 +93,12 @@ Rails.application.configure do
end
config.action_dispatch.default_headers = {
'Server' => 'Mastodon',
'X-Frame-Options' => 'DENY',
'X-Content-Type-Options' => 'nosniff',
'X-XSS-Protection' => '1; mode=block',
'Server' => 'Mastodon',
'X-Frame-Options' => 'DENY',
'X-Content-Type-Options' => 'nosniff',
'X-XSS-Protection' => '1; mode=block',
'Content-Security-Policy' => "frame-ancestors 'none'; object-src 'none'; script-src 'self' https://dev-static.glitch.social 'unsafe-inline'; base-uri 'none';" ,
'Referrer-Policy' => 'no-referrer, strict-origin-when-cross-origin',
'Strict-Transport-Security' => 'max-age=63072000; includeSubDomains; preload'
}
end