Set a bunch of security related headers that might break stuff. We will found out

author Peter Palfrader <peter@palfrader.org>

Wed, 8 Mar 2017 12:26:37 +0000 (13:26 +0100)

committer Peter Palfrader <peter@palfrader.org>

Wed, 8 Mar 2017 12:26:37 +0000 (13:26 +0100)
author Peter Palfrader <peter@palfrader.org>
Wed, 8 Mar 2017 12:26:37 +0000 (13:26 +0100)
committer Peter Palfrader <peter@palfrader.org>
Wed, 8 Mar 2017 12:26:37 +0000 (13:26 +0100)
diff --git a/modules/apache2/files/headers b/modules/apache2/files/headers

index f5bb06f..3e7167a 100644 (file)
--- a/modules/apache2/files/headers
+++ b/modules/apache2/files/headers
@@ -1,3 +1,9 @@
  <IfModule mod_headers.c>
    Header set X-Clacks-Overhead "GNU Terry Pratchett"
+
+  Header always set X-Content-Type-Options "nosniff"
+  Header always set X-Frame-Options "sameorigin"
+  Header always set Referrer-Policy "no-referrer"
+  # Header always set X-Xss-Protection "1; mode=block"
+  Header always set X-Xss-Protection "1"
  </IfModule>
author	Peter Palfrader <peter@palfrader.org>
	Wed, 8 Mar 2017 12:26:37 +0000 (13:26 +0100)
committer	Peter Palfrader <peter@palfrader.org>
	Wed, 8 Mar 2017 12:26:37 +0000 (13:26 +0100)