fix: resolve CORS issues with Netlify Identity and add security headers for custom domain
This commit is contained in:
@@ -5,6 +5,8 @@ backend:
|
||||
media_folder: 'src/assets/images'
|
||||
public_folder: '/_astro'
|
||||
|
||||
locale: 'tr' # Türkçe olarak ayarlandı
|
||||
|
||||
site_url: https://taslak.radio.org.tr
|
||||
display_url: https://taslak.radio.org.tr
|
||||
|
||||
|
||||
@@ -1,6 +1,22 @@
|
||||
[build]
|
||||
publish = "dist"
|
||||
|
||||
[context.production.environment]
|
||||
NETLIFY_SITE_URL = "https://taslak.radio.org.tr"
|
||||
|
||||
[[headers]]
|
||||
for = "/*"
|
||||
[headers.values]
|
||||
X-Frame-Options = "DENY"
|
||||
X-XSS-Protection = "1; mode=block"
|
||||
X-Content-Type-Options = "nosniff"
|
||||
Referrer-Policy = "strict-origin-when-cross-origin"
|
||||
|
||||
[[headers]]
|
||||
for = "/decapcms/*"
|
||||
[headers.values]
|
||||
X-Frame-Options = "SAMEORIGIN"
|
||||
|
||||
[[redirects]]
|
||||
from = "/#confirmation_token=*"
|
||||
to = "/auth?confirmation_token=:splat"
|
||||
|
||||
Reference in New Issue
Block a user