Browse Source

Chuck a few more super-duper-security headers in there

master
Caleb James DeLisle 4 years ago
parent
commit
72fc2e7068
1 changed files with 5 additions and 0 deletions
  1. 5
      server.js

5
server.js

@ -41,6 +41,11 @@ app.use(function (req, res, next) {
// documents in ckeditor.
"img-src data: *"
].join('; '));
res.setHeader('X-XSS-Protection', '1; mode=block');
res.setHeader('X-Content-Type-Options', 'nosniff');
res.setHeader('X-Frame-Options', 'SAMEORIGIN');
next();
});

Loading…
Cancel
Save