import { defineConfig } from 'astro/config';

/**
 * Content-Security-Policy directives; joined with '; ' into a single header value.
 *
 * NOTE(review): script-src carries both 'unsafe-inline' and 'unsafe-eval', so
 * this policy does little to stop injected script from running. If the site's
 * own inline scripts permit it, nonces or hashes are the tighter option.
 * NOTE(review): "img-src https:" accepts images from any HTTPS origin, and the
 * unpkg.com entries allow styles and fonts from the whole host rather than
 * from one package path. Narrow them if the set of sources is known.
 */
const cspDirectives = [
  "default-src 'self'",
  "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://umami.nzambello.dev",
  "style-src 'self' 'unsafe-inline' https://unpkg.com",
  "img-src 'self' data: https:",
  "font-src 'self' https://unpkg.com",
  "connect-src 'self' https://umami.nzambello.dev",
  "media-src 'self'",
  "object-src 'none'",
  "base-uri 'self'",
  "form-action 'self'",
  "frame-ancestors 'none'",
  "upgrade-insecure-requests",
];

/**
 * Response headers handed to Astro's `server.headers` option.
 *
 * NOTE(review): `server.*` options configure the `astro dev` and
 * `astro preview` servers. With `output: 'static'` the deployed site is plain
 * files, so these headers reach production only if the hosting or CDN
 * configuration sets them as well. Verify against the deployment.
 */
const securityHeaders = {
  'Content-Security-Policy': cspDirectives.join('; '),

  // HSTS for one year. `includeSubDomains` applies the policy to every
  // subdomain, and `preload` signals consent to browser preload lists, which
  // is slow to undo once the domain has been submitted.
  'Strict-Transport-Security': 'max-age=31536000; includeSubDomains; preload',

  // Stop browsers from MIME-sniffing responses away from the declared type.
  'X-Content-Type-Options': 'nosniff',

  // Framing is also blocked by CSP `frame-ancestors 'none'`; this header
  // covers browsers that do not honour that directive.
  'X-Frame-Options': 'DENY',

  // Cross-origin requests receive the origin only; same-origin get the full URL.
  'Referrer-Policy': 'strict-origin-when-cross-origin',

  // NOTE(review): the legacy XSS auditor this header controls has been removed
  // from current browsers. Current OWASP guidance is to send `0` or omit the
  // header. The value is kept as authored.
  'X-XSS-Protection': '1; mode=block',

  // Deny camera, microphone, geolocation and payment to every origin.
  'Permissions-Policy': 'camera=(), microphone=(), geolocation=(), payment=()',

  // NOTE(review): an empty string sets an empty header value and may not
  // remove the header. Confirm what the server actually emits.
  Server: '',
  'X-Powered-By': '',
};

// https://astro.build/config
export default defineConfig({
  site: 'https://nzambello.dev',
  output: 'static',
  server: {
    headers: securityHeaders,
  },
});