Histórico da Página

...
Bloco de código
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <appSettings>
        <add key="StackTraceVisible" value="false" />
    </appSettings>
    <system.web> 
        <compilation debug="falsetrue" />
    </system.web>
    <system.webServer>
        <httpProtocol>
            <customHeaders> 
				<remove name="Content-Security-Policy" />
				<remove name="X-Content-Type-Options" />
				<remove name="X-Xss-Protection" />
				
                <add 
                name="Content-Security-Policy"
                value="default-src 'self' http://*.rm.cloudtotvs.com.br https://*.rm.cloudtotvs.com.br;
                       script-src 'self' https://www.googletagmanager.com https://integrations.memed.com.br https://cdn*.memed.com.br https://cdn.rudderlabs.com https://static.hotjar.com https://script.hotjar.com 'sha256-udd7tgqqiuE63xVVImVw4X2698oKyeOHMxP6WdpSz9g=' https://static.cloudflareinsights.com/;
                       style-src 'self' 'unsafe-inline';
                       object-src 'none';
                       base-uri 'self';
                       connect-src data: 'self' wss://ws.hotjar.com https://content.hotjar.io https://vc.hotjar.io https://metrics.hotjar.io ws://*.rm.cloudtotvs.com.br:8051 wss://*.rm.cloudtotvs.com.br:8051 https://*.rm.cloudtotvs.com.br:8051 http://*.rm.cloudtotvs.com.br:8051 https://api.rudderlabs.com https://cdn.memed.com.br https://integrations*.memed.com.br https://ipv4.icanhazip.com https://api.ipify.org httphttps://corporerm.*.rm.cloudtotvs.com.br:8051 wstotvs.io https://dtavoiceapi.azurewebsites.net https://corporermvoice.*dta.rm.cloudtotvs.com.br:8051totvs.io;
                       font-src 'self';
                       frame-src 'self' https://integrations.memed.com.br https://totvs.daily.co https://www.googletagmanager.com;
                       img-src 'self' data: https://cdn.jsdelivr.net;
                       manifest-src 'self';
                       media-src 'self';
                       worker-src 'none';" />
                       
                <add name="X-Content-Type-Options" value="nosniff" />
                <add name="X-Xss-Protection" value="1; mode=block" />
                <add name="X-Frame-Options" value="SAMEORIGIN" />
                <add name="Cache-Control" value="no-store" />
                <add name="Strict-Transport-Security"
                    value="max-age=31536000; includeSubDomains; preload" />
                				<add name="Permissions-Policy" value='camera=(self "https://totvs.daily.co"), microphone=(self "https://totvs.daily.co"), geolocation=(self), fullscreen=(self)' />
                				<add name="Referrer-PolicyAccess-Control-Allow-Origin" value="no-referrer-when-downgradehttps://*.rm.cloudtotvs.com.br" />
                				<add name="CrossAccess-OriginControl-EmbedderAllow-PolicyMethods" value="same-origin" />
                <add name="Cross-Origin-Resource-Policy" value="same-origin" />
                GET, POST, PUT, DELETE, OPTIONS" />
				<add name="CrossAccess-OriginControl-OpenerAllow-PolicyHeaders" value="same-originContent-Type, Authorization" /> 
                <remove name="X-Powered-By" />
            </customHeaders>
  			      </httpProtocol>
        <security>
            <requestFiltering removeServerHeader="true">
                <verbs>
                    <add verb="TRACE" allowed="false" />
                </verbs>
            </requestFiltering>
        </security>
    </system.webServer>
    <system.web>
        <httpRuntime enableVersionHeader="false" />
        <pages viewStateEncryptionMode="Always" />
    </system.web>
</configuration>
...
Atalhos

Páginas filhas

Versões comparadas

Versão antiga 15

Nova versão Atual

Chave
