mirror of https://github.com/projekteuler/projekteuler.git synced 2025-12-10 08:46:41 +01:00

Improve default HTTP headers

Philipp Fischbeck 2019-03-19 22:39:21 +01:00
parent bb6001ee27
commit d6f3a86908


@ -17,7 +17,12 @@ module Projekteuler
# the framework and any gems in your application.
config.action_dispatch.default_headers = {
'X-Frame-Options' => 'DENY'
'X-Frame-Options' => 'DENY',
'X-XSS-Protection' => '1; mode=block',
'X-Content-Type-Options' => 'nosniff',
'X-Download-Options' => 'noopen',
'X-Permitted-Cross-Domain-Policies' => 'none',
'Referrer-Policy' => 'strict-origin-when-cross-origin'
}
# Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
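Review bot: The new `'X-XSS-Protection' => '1; mode=block'` entry turns on the legacy browser XSS auditor, which current browsers have removed and which current OWASP guidance recommends switching off; I would use `'X-XSS-Protection' => '0'` and rely on a Content-Security-Policy for script-injection defence. The hash carries no `Content-Security-Policy` or `Strict-Transport-Security` entry; those may be set elsewhere (an initializer or `config.force_ssl`), which is not visible in this hunk, so that is worth confirming. Because the assignment replaces the framework's default header hash rather than merging into it, later changes to the Rails defaults will not be picked up, and a comment above the hash such as `# Replaces Rails' default headers wholesale; re-check this list on every Rails upgrade.` would make that explicit. The enclosing module and class start and end outside the hunk.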