Mercurial > repos > other > Puppet
diff modules/website/files/zzz-0-custom.conf @ 174:1457b5365c79 puppet-3.6
Add extra headers for improved security practice
author | IBBoard <dev@ibboard.co.uk> |
---|---|
date | Sat, 03 Mar 2018 14:20:06 +0000 |
parents | 3c4f495d4eac |
children | 1b93429d28b8 |
line wrap: on
line diff
--- a/modules/website/files/zzz-0-custom.conf Sat Feb 17 20:59:37 2018 +0000 +++ b/modules/website/files/zzz-0-custom.conf Sat Mar 03 14:20:06 2018 +0000 @@ -87,4 +87,10 @@ </LimitExcept> </Location> -ServerTokens Minor \ No newline at end of file +ServerTokens Minor + +Header always set Referrer-Policy "no-referrer-when-downgrade" +Header always set Expect-CT "max-age=0, report-uri='https://ibboard.report-uri.io/r/default/ct/reportOnly'" +Header always set Content-Security-Policy "upgrade-insecure-requests" +Header always set Content-Security-Policy-Report-Only "default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'" +#; report-uri https://ibboard.report-uri.com/r/d/csp/reportOnly" \ No newline at end of file