इसे छोड़कर कंटेंट पर जाएं

Netlify

यह कंटेंट अभी तक आपकी भाषा में उपलब्ध नहीं है।

Content-Security-Policy for Static Content

Ensuring that Netlify serves your static content with the correct Content-Security-Policy headers requires some additional configuration. Specifically, set securityHeaders.enableOnStaticPages.provider to the value "netlify".

See a more complete example:

import { resolve } from 'node:path'
import { defineConfig } from 'astro/config'
import { shield } from '@kindspells/astro-shield'
const rootDir = new URL('.', import.meta.url).pathname
const modulePath = resolve(rootDir, 'src', 'generated', 'sriHashes.mjs')
export default defineConfig({
integrations: [
shield({
// - If set, it controls how the security headers will be generated.
// - If not set, no security headers will be generated.
securityHeaders: {
// This option is required to configure CSP headers for your static
// content on Netlify.
enableOnStaticPages: { provider: "netlify" },
// - If set, it controls how the CSP (Content Security Policy) header
// will be generated.
// - If not set, no CSP header will be configured for your static
// content (there is no need to specify its inner options).
contentSecurityPolicy: {
// - If set, it controls the "default" CSP directives (they can be
// overriden at runtime).
// - If not set, Astro-Shield will use a minimal set of default
// directives.
cspDirectives: {
'default-src': "'none'",
}
}
}
})
]
})