-
Notifications
You must be signed in to change notification settings - Fork 2
/
netlify.toml
42 lines (36 loc) · 1.64 KB
/
netlify.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
[build]
# Directory to change to before starting a build.
# This is where we will look for package.json/.nvmrc/etc.
base = "/"
# Default build command.
command = '''
jekyll build && \
chmod +x ./_site/assets/startup/build.sh && \
./_site/assets/startup/build.sh
'''
environment = { JEKYLL_ENV = "development" }
# Directory (relative to root of your repo) that contains the deploy-ready
# HTML files and assets generated by the build.
publish = "/_site"
# Specific branch context: all deploys from this specific branch will inherit
# these settings.
[context.production]
environment = { JEKYLL_ENV = "production" }
# Specific branch context: all deploys from this specific branch will inherit
# these settings.
[context.staging] # 'staging' is a branch name
environment = { JEKYLL_ENV = "development" }
[[headers]]
for = "/*"
[headers.values]
# Prevents page from being rendered in iframe
# Set to allow-from <uri> if required
X-Frame-Options = "sameorigin"
# XSS filter, prevent rendering if detected
X-XSS-Protection = "1; mode=block"
Content-Security-Policy = "default-src 'self'; img-src *; frame-src *; font-src *; media-src *; style-src * 'unsafe-inline'; connect-src 'self' https://*.opendoc.sg; script-src 'self' https://www.google-analytics.com 'sha256-cZeHu5WczV7gma7unmZ5l6WP54Plm4jzl1MUr4q2lrY='"
# Dont send referrer headers
Referrer-Policy = "no-referrer"
# Blocks request if request type does not match
X-Content-Type-Options = "nosniff"
Feature-Policy = "geolocation 'none'; microphone 'none'; camera 'none'"