fix: resolve CORS issues with Netlify Identity and add security headers for custom domain

This commit is contained in:
Buğra
2025-07-10 04:04:23 +03:00
parent 65198cf783
commit 9457aa1ede
5 changed files with 43 additions and 16 deletions
+2
View File
@@ -5,6 +5,8 @@ backend:
media_folder: 'src/assets/images'
public_folder: '/_astro'
locale: 'tr' # Türkçe olarak ayarlandı
site_url: https://taslak.radio.org.tr
display_url: https://taslak.radio.org.tr
+16
View File
@@ -1,6 +1,22 @@
[build]
publish = "dist"
[context.production.environment]
NETLIFY_SITE_URL = "https://taslak.radio.org.tr"
[[headers]]
for = "/*"
[headers.values]
X-Frame-Options = "DENY"
X-XSS-Protection = "1; mode=block"
X-Content-Type-Options = "nosniff"
Referrer-Policy = "strict-origin-when-cross-origin"
[[headers]]
for = "/decapcms/*"
[headers.values]
X-Frame-Options = "SAMEORIGIN"
[[redirects]]
from = "/#confirmation_token=*"
to = "/auth?confirmation_token=:splat"