-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathWeb.config
59 lines (59 loc) · 3.24 KB
/
Web.config
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
<?xml version="1.0" encoding="utf-8"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<system.web>
<compilation targetFramework="4.5.2"/>
<httpRuntime targetFramework="4.5.2"/>
<httpModules>
<add name="ApplicationInsightsWebTracking" type="Microsoft.ApplicationInsights.Web.ApplicationInsightsHttpModule, Microsoft.AI.Web"/>
</httpModules>
</system.web>
<system.codedom>
<compilers>
<compiler language="c#;cs;csharp" extension=".cs"
type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
warningLevel="4" compilerOptions="/langversion:6 /nowarn:1659;1699;1701"/>
<compiler language="vb;vbs;visualbasic;vbscript" extension=".vb"
type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
warningLevel="4" compilerOptions="/langversion:14 /nowarn:41008 /define:_MYTYPE=\"Web\" /optionInfer+"/>
</compilers>
</system.codedom>
<system.webServer>
<validation validateIntegratedModeConfiguration="false"/>
<security>
<requestFiltering removeServerHeader ="true"></requestFiltering>
</security>
<httpProtocol>
<customHeaders>
<remove name="X-Powered-By"/>
<add name="Strict-Transport-Security" value="max-age=31536000; includeSubDomains" />
<add name="X-Frame-Options" value="SAMEORIGIN" />
<add name="X-Content-Type-Options" value="nosniff" />
<add name="X-Xss-Protection" value="1; mode=block" />
<add name="Referrer-Policy" value="no-referrer-when-downgrade" />
<add name="Content-Security-Policy-Report-Only" value="default-src https: 'self' https://whitesrvjournalstatic.blob.core.windows.net ; font-src data: 'self' ; style-src data: 'self' https://whitesrvjournalstatic.blob.core.windows.net ; report-uri https://0a585b161e2223b558bf30554d34ecbf.report-uri.com/r/d/csp/reportOnly" />
<add name="Content-Security-Policy" value="upgrade-insecure-requests; report-uri https://0a585b161e2223b558bf30554d34ecbf.report-uri.com/r/d/csp/enforce" />
</customHeaders>
</httpProtocol>
<modules>
<remove name="ApplicationInsightsWebTracking"/>
<add name="ApplicationInsightsWebTracking" type="Microsoft.ApplicationInsights.Web.ApplicationInsightsHttpModule, Microsoft.AI.Web"
preCondition="managedHandler"/>
</modules>
<rewrite>
<rules>
<rule name="images" patternSyntax="ECMAScript" enabled="true">
<match url="(.*)(images)(.*)" />
<action type="Redirect" url="https://whitesrvjournalstatic.blob.core.windows.net/images{R:3}"/>
</rule>
<rule name="css" patternSyntax="ECMAScript" enabled="true">
<match url="(.*)styles-site.css(.*)"/>
<action type="Redirect" url="https://whitesrvjournalstatic.blob.core.windows.net/styles-site.css"/>
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>