From a4024d05c9f3a6807b212a4570381274e7a88b70 Mon Sep 17 00:00:00 2001 From: Alan Pearce Date: Tue, 5 Sep 2023 21:11:21 +0200 Subject: Send security headers with redirects, too --- Caddyfile | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/Caddyfile b/Caddyfile index f06dbce..ff6b07d 100644 --- a/Caddyfile +++ b/Caddyfile @@ -21,7 +21,12 @@ http://, http://alanpearce.uk, http://www.alanpearce.uk, http://www.alanpearce.eu { - header Cache-Control max-age=31536000 + header { + Cache-Control max-age=31536000 + X-Content-Type-Options nosniff + Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" + Content-Security-Policy "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'unsafe-inline'; frame-ancestors 'none'" + } redir https://alanpearce.eu{uri} permanent } -- cgit 1.4.1