additional secure headers
parent
918f7b7478
commit
17a7aeb807
|
@ -100,9 +100,11 @@ Rails.application.configure do
|
|||
'X-Content-Type-Options' => 'nosniff',
|
||||
'X-XSS-Protection' => '1; mode=block',
|
||||
'Referrer-Policy' => 'same-origin',
|
||||
'X-Download-Options' => 'noopen',
|
||||
'X-Robots-Tag' => 'none',
|
||||
'X-Permitted-Cross-Domain-Policies' => 'none',
|
||||
'Strict-Transport-Security' => 'max-age=63072000; includeSubDomains; preload',
|
||||
'X-Clacks-Overhead' => 'GNU Natalie Nguyen'
|
||||
|
||||
'X-Clacks-Overhead' => 'GNU Natalie Nguyen'
|
||||
}
|
||||
|
||||
config.x.otp_secret = ENV.fetch('OTP_SECRET')
|
||||
|
|
Loading…
Reference in New Issue