move referrer-policy to HTTP header and harden
1 file changed, 1 insertion(+), 0 deletions(-)
changed files
M config.toml → config.toml
@@ -42,6 +42,7 @@ [extra.headers] cache-control = "max-age=14400" x-content-type-options = "nosniff" + referrer-policy = "strict-origin-when-cross-origin" strict-transport-security = "max-age=63072000; includeSubDomains; preload" [[menus.main]]