From 419370d5f04e542e7d0568614f109142bcdcf943 Mon Sep 17 00:00:00 2001
From: Ru Chern Chong <hello@ruchern.xyz>
Date: Thu, 2 Nov 2023 17:38:04 +0800
Subject: [PATCH] Add headers

---
 middleware.ts | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/middleware.ts b/middleware.ts
index ad7df91..2a0fb8d 100644
--- a/middleware.ts
+++ b/middleware.ts
@@ -18,6 +18,19 @@ export const middleware = (request: NextRequest) => {
 
   const requestHeaders = new Headers(request.headers);
   requestHeaders.set("x-nonce", nonce);
+  requestHeaders.set("X-DNS-Prefetch-Control", "on");
+  requestHeaders.set(
+    "Strict-Transport-Security",
+    "max-age=63072000; includeSubDomains; preload",
+  );
+  requestHeaders.set("X-Frame-Options", "SAMEORIGIN");
+  requestHeaders.set(
+    "Permissions-Policy",
+    "camera=(), microphone=(), geolocation=(), browsing-topics=()",
+  );
+  requestHeaders.set("X-Content-Type-Options", "nosniff");
+  requestHeaders.set("Referrer-Policy", "origin-when-cross-origin");
+
   requestHeaders.set(
     "Content-Security-Policy",
     cspHeader.replace(/\s{2,}/g, " ").trim(),