Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Security Headers #45

Open
micchickenburger opened this issue Jul 14, 2022 · 0 comments
Open

Add Security Headers #45

micchickenburger opened this issue Jul 14, 2022 · 0 comments
Assignees
@micchickenburger
Labels
enhancement New feature or request infrastructure

Comments

@micchickenburger
Copy link
Member

Security headers need to be added to the deployments. DoE requires HSTS in particular. Preloading not necessary. This may require the addition of a reverse proxy (nginx).

Current score on Mozilla Observatory is zero. Let’s shoot for an A+.

Also, let’s suppress the Express identification header.
@micchickenburger micchickenburger self-assigned this Jul 14, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@micchickenburger micchickenburger

Labels
enhancement New feature or request infrastructure
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@micchickenburger