+ 1
- 1
theme/root/.htaccess
查看文件
| @@ -40,7 +40,7 @@ ExpiresByType application/x-font-woff2 "access plus 1 year" | |||
| Header always set Strict-Transport-Security "max-age=31536000; preload" | |||
| Header always set X-Frame-Options SAMEORIGIN | |||
| Header always set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src * data:; media-src *" | |||
| Header always set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src * data:; media-src *; frame-src 'self' https://player.vimeo.com; script-src 'self' 'unsafe-inline' https://player.vimeo.com" | |||
| Header always set X-Content-Type-Options nosniff | |||
| Header always set X-XSS-Protection "1; mode=block" | |||
| Header always set Referrer-Policy "origin" | |||
Loading…