Toml File with headers

chuy89 · April 16, 2020, 9:50pm

Hello,

I am just trying to add headers to my toml file. Not sure if I need the build, but I tried without it too. My headers are not working correctly. Am I missing something?

[build]
  publish = "/"

[[headers]]
  for = "/*"
  [headers.values]
    Content-Security-Policy: "default-src 'self'; script-src 'self'; object-src 'none'; style-src 'self'; img-src 'self'; media-src 'none'; frame-src 'none'; font-src 'self'; connect-src 'none'"
    X-Content-Security-Policy: "default-src 'self'; script-src 'self'; object-src 'none'; style-src 'self'; img-src 'self'; media-src 'none'; frame-src 'none'; font-src 'self'; connect-src 'none'"
    X-WebKit-CSP: "default-src 'self'; script-src 'self'; object-src 'none'; style-src 'self'; img-src 'self'; media-src 'none'; frame-src 'none'; font-src 'self'; connect-src 'none'"

chuy89 · April 16, 2020, 2:30pm

I actually solved it by using the below syntax. I did not see a lot of examples for setting these up so I hope this helps someone else.

[build]
  publish = "/"

[[headers]]
  for = "/*"
  [headers.values]
    Content-Security-Policy = '''
    default-src 'self';
    script-src 'self';
    object-src 'none';
    style-src 'self';
    img-src 'self';
    media-src 'none';
    frame-src 'none';
    font-src 'self';
    connect-src 'none'
    '''
    X-Content-Security-Policy = '''
    default-src 'self';
    script-src 'self';
    object-src 'none';
    style-src 'self';
    img-src 'self';
    media-src 'none';
    frame-src 'none';
    font-src 'self';
    connect-src 'none'
    '''
    X-WebKit-CSP = '''
    default-src 'self';
    script-src 'self';
    object-src 'none';
    style-src 'self';
    img-src 'self';
    media-src 'none';
    frame-src 'none';
    font-src 'self';
    connect-src 'none'
    '''