Verified Commit 4cd32dab authored by Paul Wise's avatar Paul Wise

Django sites rely on Referrer headers for XSS protection

parent 5dc59979
......@@ -17,6 +17,7 @@ WSGIDaemonProcess wafertest \
Use common-debian-service-ssl wafertest.debconf.org
Use common-ssl-HSTS
Header always set Referrer-Policy "same-origin"
Header always set X-Content-Type-Options nosniff
Header always set X-XSS-Protection "1; mode=block"
# Header always set Access-Control-Allow-Origin: "*"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment