Send security headers with redirects, too
Alan Pearce alan@alanpearce.eu
Tue, 05 Sep 2023 21:11:21 +0200
1 files changed, 6 insertions(+), 1 deletions(-)
jump to
M Caddyfile → Caddyfile
@@ -21,7 +21,12 @@ http://, http://alanpearce.uk, http://www.alanpearce.uk, http://www.alanpearce.eu { - header Cache-Control max-age=31536000 + header { + Cache-Control max-age=31536000 + X-Content-Type-Options nosniff + Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" + Content-Security-Policy "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'unsafe-inline'; frame-ancestors 'none'" + } redir https://alanpearce.eu{uri} permanent }