Created
May 2, 2019 21:46
-
-
Save jarrodthibodeau/36a9353e881a229c346516288c9a526a to your computer and use it in GitHub Desktop.
now.json 2.0 static configuration to get your grade on securityheaders.com to an A (only for root path)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "version": 2, | |
| "name": "PROJECT_NAME_HERE", | |
| "alias": [ | |
| "YOUR_ALIASES_HERE" | |
| ], | |
| "routes": [ | |
| { | |
| "src": "/", | |
| "headers": { | |
| "Strict-Transport-Security": "max-age=31536000", | |
| "X-Content-Type-Options": "nosniff", | |
| "X-Frame-Options": "SAMEORIGIN", | |
| "X-XSS-Protection": "1; mode=block", | |
| "Referrer-Policy": "no-referrer-when-downgrade", | |
| "Feature-Policy": "geolocation 'self'; notifications 'self'; push 'self'; microphone 'self'; camera 'self'", | |
| "Content-Security-Policy": "default-src 'self'" | |
| } | |
| } | |
| ] | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment