nzambello.dev/astro.config.mjs

import { defineConfig } from 'astro/config';

// https://astro.build/config
export default defineConfig({
  site: 'https://nzambello.dev',
  output: 'static',
  server: {
    headers: {
      // Content Security Policy
      // 'Content-Security-Policy': [
      //   "default-src 'self'",
      //   "script-src 'self' 'sha256-U0WpsmVuEv6JLpvNc218U7NDQFOhmT0SoynEzwNuH2k=' 'sha256-wKQx33OMOj4svpJjCKMJBzqx4TLqRnSERHrGGRq1r0g=' 'sha256-H8banCcLFAzpThob4LupxIv2ab+Nqep1HLg5Gmq6ug8=' https://umami.nzambello.dev",
      //   "style-src 'self' 'unsafe-inline' https://unpkg.com",
      //   "img-src 'self' https:",
      //   "font-src 'self' https://unpkg.com",
      //   "connect-src 'self' https://umami.nzambello.dev",
      //   "media-src 'self'",
      //   "object-src 'none'",
      //   "base-uri 'none'",
      //   "form-action 'self'",
      //   "frame-ancestors 'none'",
      //   "upgrade-insecure-requests"
      // ].join('; '),

      // HTTP Strict Transport Security
      'Strict-Transport-Security': 'max-age=31536000; includeSubDomains; preload',

      // X-Content-Type-Options
      'X-Content-Type-Options': 'nosniff',

      // X-Frame-Options
      'X-Frame-Options': 'DENY',

      // Referrer Policy
      'Referrer-Policy': 'strict-origin-when-cross-origin',

      // X-XSS-Protection (for older browsers)
      'X-XSS-Protection': '1; mode=block',

      // Permissions Policy
      'Permissions-Policy': 'camera=(), microphone=(), geolocation=(), payment=()',

      // Remove server information
      'Server': '',
      'X-Powered-By': ''
    }
  }
});
chore: switch to static build with dockerfile 2023-07-18 18:29:43 +02:00			`import { defineConfig } from 'astro/config';`
chore: configure cloudflare adapter 2023-05-31 10:17:30 +02:00
Initial commit from Astro 2023-05-30 17:12:28 +02:00			`// https://astro.build/config`
			`export default defineConfig({`
chore: switch to static build with dockerfile 2023-07-18 18:29:43 +02:00			`site: 'https://nzambello.dev',`
fix: security headers 2025-08-12 14:35:55 +02:00			`output: 'static',`
			`server: {`
			`headers: {`
			`// Content Security Policy`
fix: remove csp 2025-08-12 14:51:49 +02:00			`// 'Content-Security-Policy': [`
			`// "default-src 'self'",`
			`// "script-src 'self' 'sha256-U0WpsmVuEv6JLpvNc218U7NDQFOhmT0SoynEzwNuH2k=' 'sha256-wKQx33OMOj4svpJjCKMJBzqx4TLqRnSERHrGGRq1r0g=' 'sha256-H8banCcLFAzpThob4LupxIv2ab+Nqep1HLg5Gmq6ug8=' https://umami.nzambello.dev",`
			`// "style-src 'self' 'unsafe-inline' https://unpkg.com",`
			`// "img-src 'self' https:",`
			`// "font-src 'self' https://unpkg.com",`
			`// "connect-src 'self' https://umami.nzambello.dev",`
			`// "media-src 'self'",`
			`// "object-src 'none'",`
			`// "base-uri 'none'",`
			`// "form-action 'self'",`
			`// "frame-ancestors 'none'",`
			`// "upgrade-insecure-requests"`
			`// ].join('; '),`
fix: security headers 2025-08-12 14:35:55 +02:00
			`// HTTP Strict Transport Security`
			`'Strict-Transport-Security': 'max-age=31536000; includeSubDomains; preload',`

			`// X-Content-Type-Options`
			`'X-Content-Type-Options': 'nosniff',`

			`// X-Frame-Options`
			`'X-Frame-Options': 'DENY',`

			`// Referrer Policy`
			`'Referrer-Policy': 'strict-origin-when-cross-origin',`

			`// X-XSS-Protection (for older browsers)`
			`'X-XSS-Protection': '1; mode=block',`

			`// Permissions Policy`
			`'Permissions-Policy': 'camera=(), microphone=(), geolocation=(), payment=()',`

			`// Remove server information`
			`'Server': '',`
			`'X-Powered-By': ''`
			`}`
			`}`
chore: switch to static build with dockerfile 2023-07-18 18:29:43 +02:00			`});`