|
@@ -141,8 +141,17 @@ export default defineNuxtConfig({
|
|
|
},
|
|
},
|
|
|
},
|
|
},
|
|
|
security: {
|
|
security: {
|
|
|
|
|
+ ssg: {
|
|
|
|
|
+ meta: true,
|
|
|
|
|
+ hashScripts: true,
|
|
|
|
|
+ hashStyles: false,
|
|
|
|
|
+ },
|
|
|
sri: true,
|
|
sri: true,
|
|
|
|
|
+ nonce: true,
|
|
|
|
|
+ hidePoweredBy: true,
|
|
|
headers: {
|
|
headers: {
|
|
|
|
|
+ contentSecurityPolicy: false,
|
|
|
|
|
+ crossOriginResourcePolicy: 'cross-origin',
|
|
|
strictTransportSecurity: {
|
|
strictTransportSecurity: {
|
|
|
maxAge: 31536000,
|
|
maxAge: 31536000,
|
|
|
includeSubdomains: true,
|
|
includeSubdomains: true,
|
|
@@ -151,7 +160,6 @@ export default defineNuxtConfig({
|
|
|
xContentTypeOptions: 'nosniff',
|
|
xContentTypeOptions: 'nosniff',
|
|
|
xFrameOptions: 'SAMEORIGIN',
|
|
xFrameOptions: 'SAMEORIGIN',
|
|
|
xXSSProtection: '1; mode=block',
|
|
xXSSProtection: '1; mode=block',
|
|
|
- hidePoweredBy: true,
|
|
|
|
|
crossOriginEmbedderPolicy:
|
|
crossOriginEmbedderPolicy:
|
|
|
process.env.NODE_ENV === 'development' ? 'unsafe-none' : 'require-corp',
|
|
process.env.NODE_ENV === 'development' ? 'unsafe-none' : 'require-corp',
|
|
|
},
|
|
},
|
Olivier Massot