Add security headers to the website.
The one bit of JS we have for the mobile menu needed some tweaking. Signed-off-by: Matt Moyer <moyerm@vmware.com>
This commit is contained in:
parent
60034b39a3
commit
a4089fcc72
@ -33,3 +33,11 @@ HUGO_ENABLEGITINFO = "true"
|
||||
for = "/fonts/*"
|
||||
[headers.values]
|
||||
Access-Control-Allow-Origin = "*"
|
||||
|
||||
[[headers]]
|
||||
for = "/*"
|
||||
[headers.values]
|
||||
Content-Security-Policy = "default-src 'self'; img-src *"
|
||||
X-Content-Type-Options = "nosniff"
|
||||
X-Frame-Options = "DENY"
|
||||
X-XSS-Protection = "1; mode=block"
|
@ -7,7 +7,7 @@
|
||||
<li><a href="/blog/" {{ if or (eq .Page.Section "posts") (eq .Page.Section "tags") }}class="active"{{ end }}>Blog</a></li>
|
||||
<li><a href="/docs/" {{ if (eq .Page.Section "docs") }}class="active"{{ end }}>Docs</a></li>
|
||||
</ul>
|
||||
<button type="button" class="mobile" onclick="mobileNavToggle()">
|
||||
<button type="button" class="mobile" id="mobile-menu-button">
|
||||
<img class="collapsed-icon" src="/img/hamburger.svg" alt="Mobile nav icon">
|
||||
<img class="expanded-icon" src="/img/close.svg" alt="Mobile nav icon">
|
||||
</button>
|
||||
|
@ -4,3 +4,6 @@ function mobileNavToggle() {
|
||||
var menu = document.getElementById("mobile-menu").parentElement;
|
||||
menu.classList.toggle('mobile-menu-visible');
|
||||
}
|
||||
document.addEventListener('DOMContentLoaded', function () {
|
||||
document.getElementById('mobile-menu-button').addEventListener('click', mobileNavToggle);
|
||||
});
|
Loading…
Reference in New Issue
Block a user