This repository has been archived by the owner on Dec 14, 2023. It is now read-only.
forked from Open-Attestation/verify-ui
-
Notifications
You must be signed in to change notification settings - Fork 0
/
_headers.deploy-preview
15 lines (14 loc) · 3.16 KB
/
_headers.deploy-preview
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
# Custom headers for static pages only
/*
Content-Security-Policy: frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.wogaa.sg https://*.dcube.cloud/ https://assets.adobedtm.com/ https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://unpkg.com/[email protected]/css/sgds.css https://fonts.googleapis.com/ https://assets.dcube.cloud/fonts/; default-src 'self' https://*.dcube.cloud/ https://*.demdex.net/ https://cm.everesttech.net/ https://wogadobeanalytics.sc.omtrdc.net/ https://*.wogaa.sg; base-uri 'self'; form-action 'self'; img-src 'self' https://wogadobeanalytics.sc.omtrdc.net/ https://cm.everesttech.net/ https://dpm.demdex.net/ www.googletagmanager.com https://www.google-analytics.com; font-src 'self' https://fonts.gstatic.com/s/ https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://unpkg.com/[email protected]/ data: https://assets.dcube.cloud/fonts/; manifest-src 'self'; connect-src https://gist.githubusercontent.com https://*.gov.sg/ https://dns.google/ https://mainnet.infura.io/v3/ https://ropsten.infura.io/v3/ https://dpm.demdex.net/ https://*.dcube.cloud/ https://*.wogaa.sg https://cm.everesttech.net/ https://wogadobeanalytics.sc.omtrdc.net/ https://*.openattestation.com https://www.google-analytics.com; frame-src https://*.openattestation.com https://*.gov.sg
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
# IMPORTANT: Custom headers for server-side pages must be supplied by Next.js in `next.config.js`.
# Source: https://answers.netlify.com/t/custom-headers-in-netlify-toml-not-working/48619/8
#
#/verify
# Content-Security-Policy: frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://assets.adobedtm.com/ https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://unpkg.com/[email protected]/css/sgds.css https://fonts.googleapis.com/ https://assets.dcube.cloud/fonts/; default-src 'self' https://*.demdex.net/ https://cm.everesttech.net/ https://wogadobeanalytics.sc.omtrdc.net/; base-uri 'self'; form-action 'self'; img-src 'self' https://wogadobeanalytics.sc.omtrdc.net/ https://cm.everesttech.net/ https://dpm.demdex.net/ www.googletagmanager.com https://www.google-analytics.com; font-src 'self' https://fonts.gstatic.com/s/ https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://unpkg.com/[email protected]/ data: https://assets.dcube.cloud/fonts/; manifest-src 'self'; connect-src https://gist.githubusercontent.com https://*.gov.sg/ https://dns.google/ https://mainnet.infura.io/v3/ https://ropsten.infura.io/v3/ https://dpm.demdex.net/ https://cm.everesttech.net/ https://wogadobeanalytics.sc.omtrdc.net/ https://*.openattestation.com https://*.notarise.io https://www.google-analytics.com; frame-src https://*.openattestation.com https://*.gov.sg
# X-Frame-Options: DENY
# X-XSS-Protection: 1; mode=block
# X-Content-Type-Options: nosniff