Histórico da Página
...
| Bloco de código | ||
|---|---|---|
| ||
<httpProtocol>
<customHeaders>
<add name="X-Content-Type-Options" value="nosniff" />
<add name="X-Xss-Protection" value="1; mode=block" />
<add name="X-Frame-Options" value="SAMEORIGIN" />
<add name="Cache-Control" value="no-store" />
<add name="Strict-Transport-Security" value="max-age=31536000; includeSubDomains; preload" />
<add name="Cross-Origin-Embedder-Policy" value="require-corp" />
<add name="Cross-Origin-Resource-Policy" value="same-origin" />
<add name="Cross-Origin-Opener-Policy" value="same-origin" />
<add name="Permissions-Policy" value="camera=(self), microphone=(self), geolocation=(self), fullscreen=(self)" />
<add name="Referrer-Policy" value="no-referrer-when-downgrade" />
<add name="Content-Security-Policy" value=
" default-src 'self';
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://code.jquery.com;
style-src 'self' 'unsafe-inline'" />
' https://stackpath.bootstrapcdn.com https://www.googletagmanager.com;
img-src 'self' data: https://api.tiles.mapbox.com https://c.tile.openstreetmap.org https://a.tile.openstreetmap.org https://b.tile.openstreetmap.org https://api.qrserver.com https://chart.googleapis.com;
connect-src 'self' data: https://api.tiles.mapbox.com https://api.qrserver.com https://chart.googleapis.com https://nominatim.openstreetmap.org;
frame-ancestors 'self';
object-src 'none';
base-uri 'self';
"/>
</customHeaders>
</httpProtocol> |
| Informações | ||
|---|---|---|
| ||
As configuração mencionadas acima são apenas uma sugestão de parametrização, pois dependerá da configuração do ambiente de cada cliente. Os atributos 'unsafe-inline' e 'unsafe-eval' na diretiva script-src são obrigatórios de devido a exigência do funcionamento da aplicação, |
...
Visão Geral
Import HTML Content
Conteúdo das Ferramentas
Tarefas