From: Peter Palfrader <peter@palfrader.org>
Date: Wed, 8 Mar 2017 12:26:37 +0000 (+0100)
Subject: Set a bunch of security related headers that might break stuff.  We will found out
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=5a2ed7896d6318124afa6b70bbbbf2f6c3c8e383;p=mirror%2Fdsa-puppet.git

Set a bunch of security related headers that might break stuff.  We will found out
---

diff --git a/modules/apache2/files/headers b/modules/apache2/files/headers
index f5bb06f8c..3e7167ac0 100644
--- a/modules/apache2/files/headers
+++ b/modules/apache2/files/headers
@@ -1,3 +1,9 @@
 <IfModule mod_headers.c>
   Header set X-Clacks-Overhead "GNU Terry Pratchett"
+
+  Header always set X-Content-Type-Options "nosniff"
+  Header always set X-Frame-Options "sameorigin"
+  Header always set Referrer-Policy "no-referrer"
+  # Header always set X-Xss-Protection "1; mode=block"
+  Header always set X-Xss-Protection "1"
 </IfModule>