staticwebapp.config.json
{
"platform": {
"apiRuntime": "node:20"
},
"auth": {
"rolesSource": "/api/get-roles"
},
"routes": [
{
"route": "/login",
"redirect": "/.auth/login/github"
},
{
"route": "/logout",
"redirect": "/.auth/logout"
},
{
"route": "/_astro/*",
"allowedRoles": ["anonymous"]
},
{
"route": "/profile/*",
"allowedRoles": ["authenticated"]
},
{
"route": "/welcome",
"allowedRoles": ["authenticated"]
},
{
"route": "/find",
"allowedRoles": ["authenticated"]
},
{
"route": "/admin/*",
"allowedRoles": ["admin"]
},
{
"route": "/api/profile-save",
"allowedRoles": ["authenticated"]
},
{
"route": "/api/profile-get",
"allowedRoles": ["authenticated"]
},
{
"route": "/api/profiles",
"allowedRoles": ["authenticated"]
},
{
"route": "/api/account-delete",
"allowedRoles": ["authenticated"]
},
{
"route": "/api/admin-users",
"allowedRoles": ["admin"]
},
{
"route": "/api/get-roles",
"allowedRoles": ["anonymous", "authenticated"]
},
{
"route": "/api/*",
"allowedRoles": ["anonymous", "authenticated"]
}
],
"responseOverrides": {
"401": {
"redirect": "/.auth/login/github?post_login_redirect_uri=.referrer",
"statusCode": 302
},
"404": {
"rewrite": "/404.html"
}
},
"globalHeaders": {
"X-Content-Type-Options": "nosniff",
"X-Frame-Options": "DENY",
"X-XSS-Protection": "1; mode=block",
"Referrer-Policy": "strict-origin-when-cross-origin",
"Permissions-Policy": "geolocation=(), microphone=(), camera=()",
"Strict-Transport-Security": "max-age=63072000; includeSubDomains; preload",
"Content-Security-Policy": "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://avatars.githubusercontent.com https://github.com; connect-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; object-src 'none'; upgrade-insecure-requests"
}
}