From 5a2ed7896d6318124afa6b70bbbbf2f6c3c8e383 Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Wed, 8 Mar 2017 13:26:37 +0100
Subject: [PATCH] Set a bunch of security related headers that might break
 stuff.  We will found out

---
 modules/apache2/files/headers | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/modules/apache2/files/headers b/modules/apache2/files/headers
index f5bb06f8c..3e7167ac0 100644
--- a/modules/apache2/files/headers
+++ b/modules/apache2/files/headers
@@ -1,3 +1,9 @@
 <IfModule mod_headers.c>
   Header set X-Clacks-Overhead "GNU Terry Pratchett"
+
+  Header always set X-Content-Type-Options "nosniff"
+  Header always set X-Frame-Options "sameorigin"
+  Header always set Referrer-Policy "no-referrer"
+  # Header always set X-Xss-Protection "1; mode=block"
+  Header always set X-Xss-Protection "1"
 </IfModule>
-- 
2.20.1