chuy89
April 16, 2020, 5:11am
1
Hello,
I am just trying to add headers to my toml file. Not sure if I need the build, but I tried without it too. My headers are not working correctly. Am I missing something?
[build]
publish = "/"
[[headers]]
for = "/*"
[headers.values]
Content-Security-Policy: "default-src 'self'; script-src 'self'; object-src 'none'; style-src 'self'; img-src 'self'; media-src 'none'; frame-src 'none'; font-src 'self'; connect-src 'none'"
X-Content-Security-Policy: "default-src 'self'; script-src 'self'; object-src 'none'; style-src 'self'; img-src 'self'; media-src 'none'; frame-src 'none'; font-src 'self'; connect-src 'none'"
X-WebKit-CSP: "default-src 'self'; script-src 'self'; object-src 'none'; style-src 'self'; img-src 'self'; media-src 'none'; frame-src 'none'; font-src 'self'; connect-src 'none'"
chuy89
April 16, 2020, 2:30pm
2
I actually solved it by using the below syntax. I did not see a lot of examples for setting these up so I hope this helps someone else.
[build]
publish = "/"
[[headers]]
for = "/*"
[headers.values]
Content-Security-Policy = '''
default-src 'self';
script-src 'self';
object-src 'none';
style-src 'self';
img-src 'self';
media-src 'none';
frame-src 'none';
font-src 'self';
connect-src 'none'
'''
X-Content-Security-Policy = '''
default-src 'self';
script-src 'self';
object-src 'none';
style-src 'self';
img-src 'self';
media-src 'none';
frame-src 'none';
font-src 'self';
connect-src 'none'
'''
X-WebKit-CSP = '''
default-src 'self';
script-src 'self';
object-src 'none';
style-src 'self';
img-src 'self';
media-src 'none';
frame-src 'none';
font-src 'self';
connect-src 'none'
'''