Skip to content

Instantly share code, notes, and snippets.

@jarrodthibodeau
Created May 2, 2019 21:46
Show Gist options
  • Save jarrodthibodeau/36a9353e881a229c346516288c9a526a to your computer and use it in GitHub Desktop.
Save jarrodthibodeau/36a9353e881a229c346516288c9a526a to your computer and use it in GitHub Desktop.
now.json 2.0 static configuration to get your grade on securityheaders.com to an A (only for root path)
{
"version": 2,
"name": "PROJECT_NAME_HERE",
"alias": [
"YOUR_ALIASES_HERE"
],
"routes": [
{
"src": "/",
"headers": {
"Strict-Transport-Security": "max-age=31536000",
"X-Content-Type-Options": "nosniff",
"X-Frame-Options": "SAMEORIGIN",
"X-XSS-Protection": "1; mode=block",
"Referrer-Policy": "no-referrer-when-downgrade",
"Feature-Policy": "geolocation 'self'; notifications 'self'; push 'self'; microphone 'self'; camera 'self'",
"Content-Security-Policy": "default-src 'self'"
}
}
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment