rileybathurst/.htaccess

## .htaccess
<IfModule mod_headers.c>
  Header set Content-Security-Policy: "default-src 'self'; \
style-src 'self' 'unsafe-inline'; \
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.jsdelivr.net 'nonce-351731468999'; \
img-src 'self' secure.gravatar.com; \
font-src 'self' data:; \
child-src https://www.youtube.com https://player.vimeo.com; \
frame-ancestors 'none';"

Header set Strict-Transport-Security: max-age=63072000

Header set X-Content-Type-Options: nosniff

Header set X-Frame-Options: DENY

</IfModule>
	<IfModule mod_headers.c>
	Header set Content-Security-Policy: "default-src 'self'; \
	style-src 'self' 'unsafe-inline'; \
	script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.jsdelivr.net 'nonce-351731468999'; \
	img-src 'self' secure.gravatar.com; \
	font-src 'self' data:; \
	child-src https://www.youtube.com https://player.vimeo.com; \
	frame-ancestors 'none';"

	Header set Strict-Transport-Security: max-age=63072000

	Header set X-Content-Type-Options: nosniff

	Header set X-Frame-Options: DENY

	</IfModule>