diff options
author | Alan Pearce | 2023-09-05 21:11:21 +0200 |
---|---|---|
committer | Alan Pearce | 2023-09-05 21:12:22 +0200 |
commit | a4024d05c9f3a6807b212a4570381274e7a88b70 (patch) | |
tree | 4d1746fcc3c4975761e23b6744edce68767f9387 /Caddyfile | |
parent | f8ee173f8c1703727d276a6c7a9f6d80b5dbb5e2 (diff) | |
download | website-a4024d05c9f3a6807b212a4570381274e7a88b70.tar.lz website-a4024d05c9f3a6807b212a4570381274e7a88b70.tar.zst website-a4024d05c9f3a6807b212a4570381274e7a88b70.zip |
Send security headers with redirects, too
Diffstat (limited to 'Caddyfile')
-rw-r--r-- | Caddyfile | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/Caddyfile b/Caddyfile index f06dbce..ff6b07d 100644 --- a/Caddyfile +++ b/Caddyfile @@ -21,7 +21,12 @@ http://, http://alanpearce.uk, http://www.alanpearce.uk, http://www.alanpearce.eu { - header Cache-Control max-age=31536000 + header { + Cache-Control max-age=31536000 + X-Content-Type-Options nosniff + Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" + Content-Security-Policy "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'unsafe-inline'; frame-ancestors 'none'" + } redir https://alanpearce.eu{uri} permanent } |