From a4024d05c9f3a6807b212a4570381274e7a88b70 Mon Sep 17 00:00:00 2001
From: Alan Pearce
Date: Tue, 5 Sep 2023 21:11:21 +0200
Subject: Send security headers with redirects, too

---
 Caddyfile | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'Caddyfile')

diff --git a/Caddyfile b/Caddyfile
index f06dbce..ff6b07d 100644
--- a/Caddyfile
+++ b/Caddyfile
@@ -21,7 +21,12 @@ http://,
 http://alanpearce.uk,
 http://www.alanpearce.uk,
 http://www.alanpearce.eu {
-	header Cache-Control max-age=31536000
+	header {
+		Cache-Control max-age=31536000
+		X-Content-Type-Options nosniff
+		Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+		Content-Security-Policy "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'unsafe-inline'; frame-ancestors 'none'"
+	}
 	redir https://alanpearce.eu{uri} permanent
 }
 
-- 
cgit 1.4.1