-
Notifications
You must be signed in to change notification settings - Fork 471
/
netlify.toml
68 lines (67 loc) · 1.71 KB
/
netlify.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
[[plugins]]
# Setting the plugin manually, so we can pick the version (see package.json).
package = "@netlify/plugin-nextjs"
# IMPORTANT: Keep this in sync with next.config.js
[[headers]]
for = "/*"
[headers.values]
Strict-Transport-Security = "max-age=31536000; includeSubDomains"
X-Content-Type-Options = "nosniff"
Content-Security-Policy = """
upgrade-insecure-requests; \
frame-ancestors 'self' ; \
frame-src https: ; \
connect-src \
'self' \
https://*.streamlit.app/ \
wss://*.streamlit.app/ \
https://streamlit.ghost.io/ghost/api/ \
https://api.segment.io/ \
https://cdn.segment.com/ \
https://*.auryc.com/ \
https://www.google-analytics.com/ \
https://stats.g.doubleclick.net/ \
https://px.ads.linkedin.com/ \
https://*.algolia.net/ \
https://*.algolianet.com/ \
https://kapa-widget-proxy-la7dkmplpq-uc.a.run.app/ \
; \
default-src 'none' ; \
font-src 'self' ; \
form-action 'self' ; \
img-src \
'self' \
data: \
https: \
; \
media-src \
'self'
https://s3-us-west-2.amazonaws.com/assets.streamlit.io/ \
; \
script-src \
'self' \
'unsafe-inline' \
'unsafe-eval' \
https://cdn.heapanalytics.com/ \
https://cdn.segment.com/ \
https://www.google-analytics.com/ \
https://www.googletagmanager.com/ \
https://identity.netlify.com/ \
https://netlify-cdp-loader.netlify.app/netlify.js \
https://www.youtube.com/iframe_api/ \
https://snap.licdn.com/ \
https://connect.facebook.net/ \
https://*.algolia.net/ \
https://*.algolianet.com/ \
https://widget.kapa.ai/kapa-widget.bundle.js \
https://www.google.com/recaptcha/api.js \
https://www.gstatic.com/recaptcha/releases/ \
; \
style-src \
'self' \
'unsafe-inline' \
; \
worker-src \
'self' \
blob: \
;"""