What is wrong with my vercel.json config file?

[DmitriyRaz]

Summary

Hi all. I am trying to add these security headers to my vercel.josn config file, but it is not working. For some reason it won't even deploy to vercel, the only error I see is in github. If I delete the security headers, everything works perfectly and I deploy fine. I also ran the json file through a json linter and it was fine. All help appreciated.

Here is the code:

{
"version": 2,
"builds": [
{
"src": "src/server/app.js",
"use": "@vercel/node",
"config": {
"includeFiles": ["prisma/**/"]
}
},
{
"src": "package.json",
"use": "@vercel/static-build",
"config": {
"distDir": "dist",
"installCommand": "npm install && npx prisma generate",
"buildCommand": "npm run build"
}
}
],
"routes": [
{
"src": "/api/(.)",
"dest": "src/server/app.js"
},
{
"src": "/(.)",
"dest": "dist/$1"
}
],
"headers": [
{
"source": "/(.)",
"headers": [
{
"key": "Content-Security-Policy",
"value": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.sanity.io; style-src 'self' 'unsafe-inline' https: https://cdn.sanity.io; img-src 'self' data: https: https://cdn.sanity.io; connect-src 'self' https://9eb5w67p.api.sanity.io https://*.sanity.io; font-src 'self' https: data: https://cdn.sanity.io; object-src 'none'; media-src 'self' https://cdn.sanity.io; frame-src 'none'; form-action 'self'; upgrade-insecure-requests;"
},
{
"key": "X-Frame-Options",
"value": "SAMEORIGIN"
},
{
"key": "X-Content-Type-Options",
"value": "nosniff"
},
{
"key": "Referrer-Policy",
"value": "strict-origin-when-cross-origin"
},
{
"key": "Permissions-Policy",
"value": "camera=(), microphone=(), geolocation=(), interest-cohort=()"
},
{
"key": "Strict-Transport-Security",
"value": "max-age=31536000; includeSubDomains; preload"
}
]
}
]
}

Example

No response

Steps to Reproduce

[github-actions[bot]]

This discussion was automatically locked because the community moved to a new site. Please join us at vercel.community