seckit.settings.yml in Varbase Core 9.0.x
modules/varbase_security/config/optional/seckit.settings.yml
File
modules/varbase_security/config/optional/seckit.settings.ymlView source
- seckit_xss:
- csp:
- checkbox: false
- report-only: false
- default-src: ""
- script-src: ""
- object-src: ""
- img-src: ""
- media-src: ""
- frame-src: ""
- child-src: ""
- font-src: ""
- connect-src: ""
- report-uri: report-csp-violation
- policy-uri: ""
- style-src: ""
- x_xss:
- seckit_x_xss_option_disable: Disabled
- seckit_x_xss_option_0: "0"
- seckit_x_xss_option_1: 1;
- seckit_x_xss_option_1_block: "1; mode=block"
- select: 0
- x_content_type:
- checkbox: true
- seckit_csrf:
- origin: false
- origin_whitelist: ""
- seckit_clickjacking:
- js_css_noscript: false
- noscript_message: "Sorry, you need to enable JavaScript to visit this website."
- x_frame: "1"
- x_frame_allow_from: ""
- seckit_ssl:
- hsts: false
- hsts_subdomains: false
- hsts_max_age: 1000
- hsts_preload: false
- seckit_various:
- from_origin: false
- from_origin_destination: same
- disable_autocomplete: true