CSS and header tweaks

lambda.js

@@ -29,7 +29,11 @@ exports.handler = (event, context, callback) => {
 //    }];
     response.headers['Content-Security-Policy'] = [{
       key: 'Content-Security-Policy',
-      value: "default-src 'none'; script-src 'self' stats.jarv.is 'sha256-TLAu2p9kt4LHt+sWwE0cvqq1Ok5LoGzRPrw7+mzhX00='; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; form-action 'self'; child-src 'self'; frame-src 'self'; frame-ancestors 'self'; base-uri 'none'; object-src 'none'; worker-src 'none'; connect-src 'self' jarvis.report-uri.com stats.jarv.is; upgrade-insecure-requests; report-uri https://jarvis.report-uri.com/r/d/csp/enforce"
+      value: "default-src 'none'; script-src 'self' stats.jarv.is 'sha256-TLAu2p9kt4LHt+sWwE0cvqq1Ok5LoGzRPrw7+mzhX00='; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; object-src 'none'; media-src 'self'; base-uri 'none'; form-action 'self'; frame-src 'self'; frame-ancestors 'self'; worker-src 'none'; connect-src 'self' jarvis.report-uri.com stats.jarv.is; upgrade-insecure-requests; report-uri https://jarvis.report-uri.com/r/d/csp/enforce; report-to default"
+    }];
+    response.headers['Report-To'] = [{
+      key: 'Report-To',
+      value: "{\"group\":\"default\",\"max_age\":31536000,\"endpoints\":[{\"url\":\"https://jarvis.report-uri.com/a/d/g\"}],\"include_subdomains\":true}"
     }];
     response.headers['X-DNS-Prefetch-Control'] = [{
       key: 'X-DNS-Prefetch-Control',
@@ -41,7 +45,7 @@ exports.handler = (event, context, callback) => {
     }];
     response.headers['Expect-CT'] = [{
       key: 'Expect-CT',
-      value: "max-age=0, report-uri=\"https://jarvis.report-uri.com/r/d/ct/reportOnly\""
+      value: "max-age=86400, enforce, report-uri=\"https://jarvis.report-uri.com/r/d/ct/enforce\""
     }];
     response.headers['X-Permitted-Cross-Domain-Policies'] = [{
       key: 'X-Permitted-Cross-Domain-Policies',