-
Notifications
You must be signed in to change notification settings - Fork 6
/
static.json
47 lines (47 loc) · 2.35 KB
/
static.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
{
"root": "build",
"clean_urls": true,
"https_only": true,
"routes": {
"/**": "index.html"
},
"redirects": {
"/robots.txt": {
"url": "/robots.txt",
"status": 404
},
"/sitemap.xml": {
"url": "/sitemap.xml",
"status": 404
}
},
"headers": {
"/**": {
"Cache-Control": "no-store, no-cache, must-revalidate",
"X-Frame-Options": "SAMEORIGIN",
"X-Content-Type-Options": "nosniff",
"X-XSS-Protection": "1; mode=block",
"Referrer-Policy": "origin",
"Content-Security-Policy": "default-src 'none'; connect-src 'self' https: wss:; media-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; font-src 'self' data:; img-src 'self' https: data:; style-src https: 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'; frame-src 'self' https://auth.mozilla.auth0.com; base-uri 'none'; form-action 'none'",
"Strict-Transport-Security": "max-age=31536000; includeSubDomains; always;"
},
"/*.*": {
"Cache-Control": "public, max-age=31536000, immutable",
"X-Frame-Options": "SAMEORIGIN",
"X-Content-Type-Options": "nosniff",
"X-XSS-Protection": "1; mode=block",
"Referrer-Policy": "origin",
"Content-Security-Policy": "default-src 'none'; connect-src 'self' https: wss:; media-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; font-src 'self' data:; img-src 'self' https: data:; style-src https: 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'; frame-src 'self' https://auth.mozilla.auth0.com; base-uri 'none'; form-action 'none'",
"Strict-Transport-Security": "max-age=31536000; includeSubDomains; always;"
},
"/index.html": {
"Cache-Control": "no-store, no-cache, must-revalidate",
"X-Frame-Options": "SAMEORIGIN",
"X-Content-Type-Options": "nosniff",
"X-XSS-Protection": "1; mode=block",
"Referrer-Policy": "origin",
"Content-Security-Policy": "default-src 'none'; connect-src 'self' https: wss:; media-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; font-src 'self' data:; img-src 'self' https: data:; style-src https: 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'; frame-src 'self' https://auth.mozilla.auth0.com; base-uri 'none'; form-action 'none'",
"Strict-Transport-Security": "max-age=31536000; includeSubDomains; always;"
}
}
}