# Exemple de reverse proxy Caddy.
# Copier vers Caddyfile et adapter le domaine et la cible.
# TLS et en-têtes HTTP se gèrent ici.

blog.example.com {
	# En-têtes de sécurité

	header {
		Content-Security-Policy "default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; img-src 'self' data:; style-src 'self'; script-src 'self'"
		Referrer-Policy "same-origin"
		X-Content-Type-Options "nosniff"
		X-Frame-Options "SAMEORIGIN"
		Cross-Origin-Opener-Policy "same-origin"
		Cross-Origin-Resource-Policy "same-origin"
		Permissions-Policy "camera=(), microphone=(), geolocation=()"
		-Server
	}

	reverse_proxy localhost:8888
}