nzambello.dev/astro.config.mjs

import { defineConfig } from 'astro/config';

// https://astro.build/config
export default defineConfig({
  site: 'https://nzambello.dev',
  output: 'static',
  server: {
    headers: {
      // Content Security Policy
      'Content-Security-Policy': [
        "default-src 'self'",
        "script-src 'self' 'sha256-U0WpsmVuEv6JLpvNc218U7NDQFOhmT0SoynEzwNuH2k=' 'sha256-wKQx33OMOj4svpJjCKMJBzqx4TLqRnSERHrGGRq1r0g=' 'sha256-H8banCcLFAzpThob4LupxIv2ab+Nqep1HLg5Gmq6ug8=' https://umami.nzambello.dev",
        "style-src 'self' 'unsafe-inline' https://unpkg.com",
        "img-src 'self' https:",
        "font-src 'self' https://unpkg.com",
        "connect-src 'self' https://umami.nzambello.dev",
        "media-src 'self'",
        "object-src 'none'",
        "base-uri 'none'",
        "form-action 'self'",
        "frame-ancestors 'none'",
        "upgrade-insecure-requests"
      ].join('; '),

      // HTTP Strict Transport Security
      'Strict-Transport-Security': 'max-age=31536000; includeSubDomains; preload',

      // X-Content-Type-Options
      'X-Content-Type-Options': 'nosniff',

      // X-Frame-Options
      'X-Frame-Options': 'DENY',

      // Referrer Policy
      'Referrer-Policy': 'strict-origin-when-cross-origin',

      // X-XSS-Protection (for older browsers)
      'X-XSS-Protection': '1; mode=block',

      // Permissions Policy
      'Permissions-Policy': 'camera=(), microphone=(), geolocation=(), payment=()',

      // Remove server information
      'Server': '',
      'X-Powered-By': ''
    }
  }
});
chore: switch to static build with dockerfile 2023-07-18 18:29:43 +02:00			`import { defineConfig } from 'astro/config';`
chore: configure cloudflare adapter 2023-05-31 10:17:30 +02:00
Initial commit from Astro 2023-05-30 17:12:28 +02:00			`// https://astro.build/config`
			`export default defineConfig({`
chore: switch to static build with dockerfile 2023-07-18 18:29:43 +02:00			`site: 'https://nzambello.dev',`
fix: security headers 2025-08-12 14:35:55 +02:00			`output: 'static',`
			`server: {`
			`headers: {`
			`// Content Security Policy`
			`'Content-Security-Policy': [`
			`"default-src 'self'",`
fix: csp headers 2025-08-12 14:45:07 +02:00			`"script-src 'self' 'sha256-U0WpsmVuEv6JLpvNc218U7NDQFOhmT0SoynEzwNuH2k=' 'sha256-wKQx33OMOj4svpJjCKMJBzqx4TLqRnSERHrGGRq1r0g=' 'sha256-H8banCcLFAzpThob4LupxIv2ab+Nqep1HLg5Gmq6ug8=' https://umami.nzambello.dev",`
fix: security headers 2025-08-12 14:35:55 +02:00			`"style-src 'self' 'unsafe-inline' https://unpkg.com",`
fix: csp headers 2025-08-12 14:45:07 +02:00			`"img-src 'self' https:",`
fix: security headers 2025-08-12 14:35:55 +02:00			`"font-src 'self' https://unpkg.com",`
			`"connect-src 'self' https://umami.nzambello.dev",`
			`"media-src 'self'",`
			`"object-src 'none'",`
fix: csp headers 2025-08-12 14:45:07 +02:00			`"base-uri 'none'",`
fix: security headers 2025-08-12 14:35:55 +02:00			`"form-action 'self'",`
			`"frame-ancestors 'none'",`
			`"upgrade-insecure-requests"`
			`].join('; '),`

			`// HTTP Strict Transport Security`
			`'Strict-Transport-Security': 'max-age=31536000; includeSubDomains; preload',`

			`// X-Content-Type-Options`
			`'X-Content-Type-Options': 'nosniff',`

			`// X-Frame-Options`
			`'X-Frame-Options': 'DENY',`

			`// Referrer Policy`
			`'Referrer-Policy': 'strict-origin-when-cross-origin',`

			`// X-XSS-Protection (for older browsers)`
			`'X-XSS-Protection': '1; mode=block',`

			`// Permissions Policy`
			`'Permissions-Policy': 'camera=(), microphone=(), geolocation=(), payment=()',`

			`// Remove server information`
			`'Server': '',`
			`'X-Powered-By': ''`
			`}`
			`}`
chore: switch to static build with dockerfile 2023-07-18 18:29:43 +02:00			`});`