-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy path_headers
executable file
·29 lines (25 loc) · 1.5 KB
/
_headers
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
/*
cache-control: public,max-age=300
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Security-Policy: base-uri 'self'; default-src 'self'; object-src 'none'; script-src 'self' 'sha256-Ky9qZOPnMhQV/s7Fdb9TYAOfU4KtWNqCZaFK8tSzXa0=' https://cdn.jsdelivr.net/ https://www.instagram.com/ https://platform.twitter.com/ https://beampipe.io https://unpkg.com https://um.mufidu.com; style-src 'unsafe-inline' https://fonts.googleapis.com/ https://cdn.jsdelivr.net/; img-src 'self' data: https://i.ytimg.com/ https://mufidu.goatcounter.com/ https://mufidu.com; frame-src https://www.youtube-nocookie.com/embed/ https://open.spotify.com/ https://www.instagram.com/ https://platform.twitter.com/; connect-src https://beampipe.io https://mufidu.com https://um.mufidu.com/um.js
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload;
Permissions-Policy: interest-cohort=(), microphone=(), camera=()
Referrer-Policy: strict-origin-when-cross-origin
Cross-Origin-Embedder-Policy: require-corp; report-to='default';
Cross-Origin-Opener-Policy: same-site; report-to=default;
Cross-Origin-Resource-Policy: same-site
/img/*
cache-control: public,max-age=31536000,immutable
/js/*
cache-control: public,max-age=31536000,immutable
/fonts/*
cache-control: public,max-age=31536000,immutable
/img/*.avif
Content-Type: image/avif,
Content-Disposition: inline,
/favicon*
cache-control: public,max-age=3600
/img/favicon*
cache-control: public,max-age=3600