Chuck a few more super-duper-security headers in there

2016-10-06 23:02:30 +02:00 · 2016-10-06 23:02:30 +02:00 · 72fc2e7068
commit 72fc2e7068
parent f8ac3a6ad3
1 changed files with 5 additions and 0 deletions
--- a/server.js
+++ b/server.js
@ -41,6 +41,11 @@ app.use(function (req, res, next) {
        //       documents in ckeditor.
        "img-src data: *"
    ].join('; '));
    res.setHeader('X-XSS-Protection', '1; mode=block');
    res.setHeader('X-Content-Type-Options', 'nosniff');
    res.setHeader('X-Frame-Options', 'SAMEORIGIN');
    next();
 });