newblog/netlify.toml

[build]
publish = "public"
command = "npm run abridge -- '--base-url https://abridge.netlify.app'"

[build.environment]
ZOLA_VERSION = "0.19.1"

[context.deploy-preview]
command = "npm run abridge -- '--drafts --base-url https://abridge.netlify.app'"

[[headers]]
  for = "/*"
  [headers.values]
    X-Frame-Options = "DENY"
    X-Content-Type-Options = "nosniff"
    X-XSS-Protection = "1; mode=block"
    Referrer-Policy = "strict-origin-when-cross-origin"
    Strict-Transport-Security = "max-age=63072000; includeSubdomains"
    # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy (disabled everything except autoplay, local-fonts, screen-wake-lock, speaker-selection)
    # opt out of Federated Learning of Cohorts (aka "FLoC") - https://amifloced.org/
    Permissions-Policy = "interest-cohort=(), accelerometer=(), ambient-light-sensor=(), battery=(), bluetooth=(), browsing-topics=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), identity-credentials-get=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-create=(), publickey-credentials-get=(), serial=(), storage-access=(), sync-xhr=(), usb=(), web-share=(), window-management=(), xr-spatial-tracking=()"
    Content-Security-Policy = "default-src 'none'; frame-ancestors 'none'; object-src 'none'; base-uri 'self'; manifest-src 'self'; worker-src 'self'; form-action 'self'; connect-src 'self' *.hyvor.com ws://*.hyvor.com; script-src 'self' talk.hyvor.com; img-src 'self' data: talk.hyvor.com cdn.cloudflare.com; frame-src 'self' www.youtube-nocookie.com player.vimeo.com streamable.com www.streamable.com; media-src 'self' data: cdn.cloudflare.com www.youtube-nocookie.com player.vimeo.com; font-src 'self' cdn.cloudflare.com cdn.jsdelivr.net fonts.gstatic.com; style-src 'self' talk.hyvor.com cdn.cloudflare.com cdn.jsdelivr.net fonts.googleapis.com;"
[[headers]]
  for = "*.js"#javascript
  [headers.values]
    Cache-Control = "public, max-age=604800, must-revalidate"
[[headers]]
  for = "*.css"#stylesheet
  [headers.values]
    Cache-Control = "public, max-age=604800, must-revalidate"
[[headers]]
  for = "*.svg"#image/favicon
  [headers.values]
    Cache-Control = "public, max-age=604800"
[[headers]]
  for = "*.png"#image/favicon
  [headers.values]
    Cache-Control = "public, max-age=604800"
[[headers]]
  for = "*.ico"#image/favicon
  [headers.values]
    Cache-Control = "public, max-age=604800"
[[headers]]
  for = "*.jpg"#image
  [headers.values]
    Cache-Control = "public, max-age=604800"
[[headers]]
  for = "*.jpeg"#image
  [headers.values]
    Cache-Control = "public, max-age=604800"
[[headers]]
  for = "*.gif"#image
  [headers.values]
    Cache-Control = "public, max-age=604800"
[[headers]]
  for = "*.webp"#image
  [headers.values]
    Cache-Control = "public, max-age=604800"
[[headers]]
  for = "*.avif"#image
  [headers.values]
    Cache-Control = "public, max-age=604800"
[[headers]]
  for = "*.mp4"#video
  [headers.values]
    Cache-Control = "public, max-age=604800"
[[headers]]
  for = "*.webm"#video
  [headers.values]
    Cache-Control = "public, max-age=604800"
[[headers]]
  for = "*.mp3"#audio
  [headers.values]
    Cache-Control = "public, max-age=604800"
[[headers]]
  for = "*.ogg"#audio
  [headers.values]
    Cache-Control = "public, max-age=604800"
[[headers]]
  for = "*.otf"#font
  [headers.values]
    Cache-Control = "public, max-age=604800"
[[headers]]
  for = "*.eot"#font
  [headers.values]
    Cache-Control = "public, max-age=604800"
[[headers]]
  for = "*.ttf"#font
  [headers.values]
    Cache-Control = "public, max-age=604800"
[[headers]]
  for = "*.woff"#font
  [headers.values]
    Cache-Control = "public, max-age=604800"
[[headers]]
  for = "*.woff2"#font
  [headers.values]
    Cache-Control = "public, max-age=604800"