Skip to content

Commit

Permalink
make security headers less strict, fixing external auth
Browse files Browse the repository at this point in the history
  • Loading branch information
@NielsPilgaard
NielsPilgaard committed Aug 2, 2024
1 parent 054abab commit b0275bc
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion src/web/Jordnaer/Program.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,12 @@

var app = builder.Build();

app.UseSecurityHeaders(policies => policies.AddDefaultSecurityHeaders());
app.UseSecurityHeaders(policies => policies.AddFrameOptionsDeny()
.AddXssProtectionBlock()
.AddContentTypeOptionsNoSniff()
.AddStrictTransportSecurityMaxAge()
.AddReferrerPolicyStrictOriginWhenCrossOrigin()
.RemoveServerHeader());

if (app.Environment.IsDevelopment())
{
Expand Down

0 comments on commit b0275bc

Please sign in to comment.