|
|
@@ -0,0 +1,18 @@
|
|
|
+<IfModule mod_headers.c>
|
|
|
+ Header set Access-Control-Allow-Origin "*"
|
|
|
+ Header set Cross-Origin-Embedder-Policy "unsafe-none"
|
|
|
+ Header set Cross-Origin-Opener-Policy "same-origin"
|
|
|
+ Header set Cross-Origin-Resource-Policy "cross-origin"
|
|
|
+ Header set Origin-Agent-Cluster "?1"
|
|
|
+ Header set Permissions-Policy "camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=()"
|
|
|
+ Header set Referrer-Policy "no-referrer"
|
|
|
+ Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload;"
|
|
|
+ Header set X-Content-Type-Options "nosniff"
|
|
|
+ Header set X-DNS-Prefetch-Control "off"
|
|
|
+ Header set X-Download-Options "noopen"
|
|
|
+ Header set X-Frame-Options "SAMEORIGIN"
|
|
|
+ Header set X-Permitted-Cross-Domain-Policies "none"
|
|
|
+ Header set X-XSS-Protection "1; mode=block"
|
|
|
+</IfModule>
|
|
|
+
|
|
|
+
|
Olivier Massot