From 200701c1bddae4b9a854579ced35cb6aa325ad63 Mon Sep 17 00:00:00 2001
From: Alan Pearce
Date: Wed, 29 May 2024 17:47:27 +0200
Subject: move referrer-policy to HTTP header and harden

---
 config.toml | 1 +
 1 file changed, 1 insertion(+)

(limited to 'config.toml')

diff --git a/config.toml b/config.toml
index de6c9d5..70ed9f7 100644
--- a/config.toml
+++ b/config.toml
@@ -42,6 +42,7 @@ oidc_host = "https://id.alanpearce.eu/"
 [extra.headers]
   cache-control = "max-age=14400"
   x-content-type-options = "nosniff"
+  referrer-policy = "strict-origin-when-cross-origin"
   strict-transport-security = "max-age=63072000; includeSubDomains; preload"
 
 [[menus.main]]
-- 
cgit 1.4.1