From 2d673fd9c1101f748b385bb304746e541fda08c6 Mon Sep 17 00:00:00 2001
From: Ari Archer <ari.web.xyz@gmail.com>
Date: Sun, 25 Sep 2022 05:11:20 +0300
Subject: [PATCH] Let's hope this HSTS hack works for now

Signed-off-by: Ari Archer <ari.web.xyz@gmail.com>
---
 netlify.toml | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/netlify.toml b/netlify.toml
index a0c2ae1..d902716 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -191,3 +191,14 @@
         Content-Security-Policy = "upgrade-insecure-requests"
         X-Permitted-Cross-Domain-Policies = "none"
         Referrer-Policy = "no-referrer"
+
+[[headers]]
+    for = "/"
+
+    [headers.values]
+        Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"
+        X-Frame-Options = "deny"
+        X-Content-Type-Options = "nosniff"
+        Content-Security-Policy = "upgrade-insecure-requests"
+        X-Permitted-Cross-Domain-Policies = "none"
+        Referrer-Policy = "no-referrer"