Skip to content

Commit

Permalink
Improve score on http://observatory.mozilla.org/ - fixes #808
Browse files Browse the repository at this point in the history 
Based on what Pascal added to other mozFr websites
  • Loading branch information
@TheoChevalier
TheoChevalier authored Feb 1, 2017
1 parent 816fd1c commit 9da7a4a
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions web/.htaccess
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,3 +33,11 @@
image/svg+xml
</IfModule>
</IfModule>

# Security good practices
<IfModule mod_headers.c>
Header set Content-Security-Policy "default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'; frame-ancestors 'none'"
Header set Strict-Transport-Security: max-age=31536000
Header set X-Content-Type-Options: nosniff
Header set X-XSS-Protection: "1; mode=block"
</IfModule>

0 comments on commit 9da7a4a

Please sign in to comment.