fix: resolve CORS issues with Netlify Identity and add security headers for custom domain

This commit is contained in:
Buğra
2025-07-10 04:04:23 +03:00
parent 65198cf783
commit 9457aa1ede
5 changed files with 43 additions and 16 deletions
+16
View File
@@ -1,6 +1,22 @@
[build]
publish = "dist"
[context.production.environment]
NETLIFY_SITE_URL = "https://taslak.radio.org.tr"
[[headers]]
for = "/*"
[headers.values]
X-Frame-Options = "DENY"
X-XSS-Protection = "1; mode=block"
X-Content-Type-Options = "nosniff"
Referrer-Policy = "strict-origin-when-cross-origin"
[[headers]]
for = "/decapcms/*"
[headers.values]
X-Frame-Options = "SAMEORIGIN"
[[redirects]]
from = "/#confirmation_token=*"
to = "/auth?confirmation_token=:splat"