🟢
partial "tnd-headers/private/netlify/FormatHeader"
🟢
Test 1
map[field:Feature-Policy value:camera 'none'; geolocation 'none'; microphone 'none';]
🟢Test 2
map[field:Feature-Policy value:[camera 'none'; geolocation 'none'; microphone 'none';]]
🟢partial "tnd-headers/private/SDUsesQuotes"
🟢
Test 1
https://some-cdn.com
🟢Test 2
unsafe-inline
🟢Config
# Header configuration under the `tnd_headers` key: each `field`/`value` pair
# is one response header. In the generated "Headers" output, bare CSP keywords
# (none, self, unsafe-eval, unsafe-inline) come out single-quoted and URLs are
# emitted as written.
# NOTE(review): nesting indentation is not preserved in this listing; restore
# it before reusing the snippet as YAML.
tnd_headers:
groups:
- headers:
- field: Content-Security-Policy
value:
# base-uri and object-src are locked to 'none'. The policy sets no
# frame-ancestors or form-action; neither falls back to default-src.
base-uri:
- none
connect-src:
- self
- https://cdn.usefathom.com
# Pre-quoted scalar: YAML decodes it to `'self' 'bonjour'`, which is what the
# generated header contains. 'bonjour' is not a CSP keyword (presumably a
# fixture for the quote-handling test); browsers ignore unknown sources.
default-src: '''self'' ''bonjour'''
font-src:
- self
img-src:
- self
- https://thenewdynamic.imgix.net
- https://img3.usefathom.com
object-src:
- none
# NOTE(review): prefetch-src is deprecated and has little browser support;
# confirm it is still wanted.
prefetch-src:
- https://thenewdynamic.imgix.net
script-src:
- self
# 'unsafe-eval' permits eval()/new Function(), which weakens the policy's XSS
# protection; keep it only if a dependency needs it.
- unsafe-eval
- https://cdn.usefathom.com
- https://identity.netlify.com
# Host-wide allow-list: every file served from unpkg.com is an accepted
# script source. Self-hosting, or a nonce/hash-based script-src, is tighter.
- https://unpkg.com
style-src:
- '''self'' ''bonjour'''
# 'unsafe-inline' allows inline <style> blocks and style attributes.
- unsafe-inline
- field: Strict-Transport-Security
# 15768000 s is about six months; no includeSubDomains, so subdomains are not
# covered by this header.
value: max-age=15768000
- field: X-Xss-Protection
# Legacy header: current browsers no longer ship the XSS auditor it controls,
# so it adds no protection there. The CSP is the effective control.
value: 1; mode=block
- field: X-Frame-Options
# Blocks all framing. The CSP equivalent is `frame-ancestors 'none'`, which
# this policy does not set.
value: DENY
- field: X-Content-Type-Options
value: nosniff
- field: Referrer-Policy
value: strict-origin-when-cross-origin
- field: Feature-Policy
# Feature-Policy has been superseded by Permissions-Policy, which uses a
# different syntax (e.g. `camera=()`); consider sending both.
value: camera 'none'; geolocation 'none'; microphone 'none';
Headers
# Generated Netlify-style header rules; the `/*` path pattern applies the
# headers below to every path.
/*
# CSP as rendered from the config: keywords are quoted, URLs are not.
# 'unsafe-eval' (script-src) and 'unsafe-inline' (style-src) relax the policy,
# https://unpkg.com is allowed host-wide as a script source, and 'bonjour' is
# not a CSP keyword, so browsers ignore it. No frame-ancestors or form-action
# directive is present; neither falls back to default-src.
Content-Security-Policy: base-uri 'none'; connect-src 'self' https://cdn.usefathom.com; default-src 'self' 'bonjour'; font-src 'self'; img-src 'self' https://thenewdynamic.imgix.net https://img3.usefathom.com; object-src 'none'; prefetch-src https://thenewdynamic.imgix.net; script-src 'self' 'unsafe-eval' https://cdn.usefathom.com https://identity.netlify.com https://unpkg.com; style-src 'self' 'bonjour' 'unsafe-inline';
# About six months of HSTS; subdomains are not included.
Strict-Transport-Security: max-age=15768000
# Legacy header; current browsers no longer ship the XSS auditor it controls.
X-Xss-Protection: 1; mode=block
# Framing is blocked here only; the CSP above has no frame-ancestors.
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
# Superseded by Permissions-Policy, which uses a different syntax.
Feature-Policy: camera 'none'; geolocation 'none'; microphone 'none';
Config
# Header configuration under the `tnd_headers` key: each `field`/`value` pair
# is one response header. Bare CSP keywords (none, self, unsafe-eval,
# unsafe-inline) are written without quotes here; the generated header shows
# them single-quoted.
# NOTE(review): nesting indentation is not preserved in this listing; restore
# it before reusing the snippet as YAML.
tnd_headers:
groups:
- headers:
- field: Content-Security-Policy
value:
# No frame-ancestors or form-action directive is configured, and neither
# inherits from default-src.
base-uri:
- none
connect-src:
- self
- https://cdn.usefathom.com
# Already-quoted value: decodes to `'self' 'bonjour'`. 'bonjour' is not a
# valid CSP source keyword (presumably test data); browsers skip it.
default-src: '''self'' ''bonjour'''
font-src:
- self
img-src:
- self
- https://thenewdynamic.imgix.net
- https://img3.usefathom.com
object-src:
- none
# NOTE(review): prefetch-src is deprecated with little browser support.
prefetch-src:
- https://thenewdynamic.imgix.net
script-src:
- self
# Allows string-to-code evaluation (eval, new Function); remove if no
# dependency requires it.
- unsafe-eval
- https://cdn.usefathom.com
- https://identity.netlify.com
# Whole-host allow-list for a public package CDN: any file it serves is a
# permitted script. Prefer self-hosting or nonce/hash-based script-src.
- https://unpkg.com
style-src:
- '''self'' ''bonjour'''
# Permits inline styles.
- unsafe-inline
- field: Strict-Transport-Security
# Roughly six months; includeSubDomains is not set.
value: max-age=15768000
- field: X-Xss-Protection
# Legacy header with no effect in current browsers, which no longer ship the
# XSS auditor.
value: 1; mode=block
- field: X-Frame-Options
# Modern counterpart is CSP `frame-ancestors 'none'`, absent from the policy.
value: DENY
- field: X-Content-Type-Options
value: nosniff
- field: Referrer-Policy
value: strict-origin-when-cross-origin
- field: Feature-Policy
# Superseded by Permissions-Policy (different syntax, e.g. `camera=()`).
value: camera 'none'; geolocation 'none'; microphone 'none';