26 lines
849 B
Caddyfile
26 lines
849 B
Caddyfile
:80
|
|
|
|
root * /usr/share/caddy
|
|
|
|
# Serve static assets with correct MIME types - no fallback
|
|
@static path /assets/* /icons/* /manifest.webmanifest /service-worker.js
|
|
handle @static {
|
|
file_server
|
|
}
|
|
|
|
# SPA fallback - only for navigation requests
|
|
handle {
|
|
try_files {path} /index.html
|
|
file_server
|
|
}
|
|
|
|
header {
|
|
Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://supa.supersamsev.ru; font-src 'self'; connect-src 'self' https://supa.supersamsev.ru; frame-ancestors 'none'; form-action 'self'; base-uri 'self'"
|
|
X-Content-Type-Options "nosniff"
|
|
X-Frame-Options "DENY"
|
|
Referrer-Policy "strict-origin-when-cross-origin"
|
|
Permissions-Policy "camera=(), microphone=(), geolocation=()"
|
|
X-XSS-Protection "0"
|
|
Cross-Origin-Opener-Policy "same-origin"
|
|
}
|