-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathindex.js
19 lines (15 loc) · 1.09 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
'use strict';
exports.handler = async (event) => {
return new Promise((resolve) => {
const response = event.Records[0].cf.response;
const headers = response.headers;
headers['Strict-Transport-Security'] = [{ key: 'Strict-Transport-Security', value: 'max-age=63072000; includeSubDomains; preload' }];
headers['X-XSS-Protection'] = [{ key: 'X-XSS-Protection', value: '1; mode=block' }];
headers['X-Content-Type-Options'] = [{ key: 'X-Content-Type-Options', value: 'nosniff' }];
headers['X-Frame-Options'] = [{ key: 'X-Frame-Options', value: 'DENY' }];
headers['Referrer-Policy'] = [{ key: 'Referrer-Policy', value: 'no-referrer' }];
headers['Content-Security-Policy'] = [{ key: 'Content-Security-Policy', value: "default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self'; font-src 'self';" }];
headers['Feature-Policy'] = [{ key: 'Feature-Policy', value: "geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; vibrate 'none'; fullscreen 'self'; payment 'none';" }];
resolve(response);
});
};