<IfModule mod_headers.c>
  Header setifempty X-Content-Type-Options "nosniff"
  Header setifempty X-Frame-Options "DENY"
  Header setifempty X-XSS-Protection "1; mode=block"
  Header setifempty Referrer-Policy "strict-origin"
  Header setifempty Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; img-src 'self'; connect-src 'self'; form-action 'none'; base-uri 'self'; frame-ancestors 'none'"
  Header setifempty Permissions-Policy "camera=(), microphone=(), geolocation=(), gyroscope=(), magnetometer=(), usb=()"
</IfModule>

ErrorDocument 404 /404.html