[PATCH v1 prose.sh] chore: add security headers
---
Caddyfile | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/Caddyfile b/Caddyfile
index 7fe8b0f..36828b0 100644
--- a/Caddyfile
+++ b/Caddyfile
@@ -4,6 +4,24 @@
interval 1m
burst 10
}
+
+ header {
+ # disable FLoC tracking
+ Permissions-Policy interest-cohort=()
+
+ # enable HSTS
+ Strict-Transport-Security max-age=31536000;
+
+ # disable clients from sniffing the media type
+ X-Content-Type-Options nosniff
+
+ # clickjacking protection
+ X-Frame-Options DENY
+
+ # keep referrer data off of HTTP connections
+ Referrer-Policy no-referrer-when-downgrade
+ }
+
}
*.prose.sh, prose.sh {
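Review bot: The new `header { … }` block is placed in the block that closes just before `*.prose.sh, prose.sh {`, not in that site block. The opening of the enclosing block is outside the hunk, but the `interval 1m` / `burst 10` context looks like `on_demand_tls` settings, which belong to Caddy's global options block. If so, `header` is not a valid global option and the config will fail to load; even if it is a separate site block, the wildcard hosts would not receive these headers. Consider moving the block inside `*.prose.sh, prose.sh { … }`, or into a snippet that each site block imports. Separately, the HSTS value ends in a bare `;` and does not cover subdomains; `Strict-Transport-Security "max-age=31536000; includeSubDomains"` would be cleaner if every subdomain is served over HTTPS.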
--
2.37.0