| 12345678910111213141516171819 |
- # Production only
- <IfModule mod_headers.c>
- Header set Access-Control-Allow-Origin "*"
- Header set Cross-Origin-Embedder-Policy "unsafe-none"
- Header set Cross-Origin-Opener-Policy "same-origin"
- Header set Cross-Origin-Resource-Policy "cross-origin"
- Header set Origin-Agent-Cluster "?1"
- Header set Permissions-Policy "camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=()"
- Header set Referrer-Policy "no-referrer"
- #Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload;"
- Header set X-Content-Type-Options "nosniff"
- Header set X-DNS-Prefetch-Control "off"
- Header set X-Download-Options "noopen"
- Header set X-Frame-Options "SAMEORIGIN"
- Header set X-Permitted-Cross-Domain-Policies "none"
- Header set X-XSS-Protection "1; mode=block"
- </IfModule>
|
