Relaxed headers

beljp · Sep 25, 2021 · 01bd308 · 01bd308
1 parent 9b5f052
commit 01bd308
Showing 1 changed file with 7 additions and 7 deletions.
diff --git a/netlify.toml b/netlify.toml
@@ -19,13 +19,13 @@
   [headers.values]
     Access-Control-Allow-Origin = "*"
     Access-Control-Allow-Headers = "Content-Type"
-    X-Frame-Options = "ALLOW-FROM https://testing.2cubedtest.com"
-    X-XSS-Protection = "1; mode=block"
-    Referrer-Policy = "no-referrer"
-    X-Content-Type-Options = "nosniff"
-    Strict-Transport-Security = "max-age=15780000; includeSubDomains; preload"
-    Feature-Policy = "geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none'"
-    Content-Security-Policy = "default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'"
+    # X-Frame-Options = "ALLOW-FROM https://testing.2cubedtest.com"
+    # X-XSS-Protection = "1; mode=block"
+    # Referrer-Policy = "no-referrer"
+    # X-Content-Type-Options = "nosniff"
+    # Strict-Transport-Security = "max-age=15780000; includeSubDomains; preload"
+    # Feature-Policy = "geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none'"
+    # Content-Security-Policy = "default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'"
 
 
 [[redirects]]