forked from cybrespace/mastodon
Fix missing default headers
This commit is contained in:
parent
9467b900a2
commit
a59d10d3df
|
@ -38,7 +38,9 @@ module Mastodon
|
||||||
end
|
end
|
||||||
|
|
||||||
config.action_dispatch.default_headers = {
|
config.action_dispatch.default_headers = {
|
||||||
'X-Frame-Options' => 'DENY'
|
'X-Frame-Options' => 'DENY',
|
||||||
|
'X-Content-Type-Options' => 'nosniff',
|
||||||
|
'X-XSS-Protection' => '1; mode=block'
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue