Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Thse two headers should be fine, but let's test them in staging first

Browse source 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
This commit is contained in:
Patrick Uiterwijk 2017-10-16 22:11:35 +00:00
parent dc2355fd05
commit f3fbcce829
1 changed files with 2 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
roles/httpd/website/templates/securityheaders.conf
View file

@ -1,4 +1,6 @@
{% if env == "staging" %}
Header always set X-Frame-Options "DENY"
Header always set X-Xss-Protection "1; mode=block"
{% endif %}
Header always set X-Content-Type-Options "nosniff"
Header always set Referrer-Policy "same-origin"