HTTP Headers: Configure HTTP Security Headers
Configure HTTP Security Headers as required:
-
Content-Security-Policy -
Strict-Transport-Security -
X-Frame-Options -
X-Content-Type-Options -
Referrer-Policy -
Permissions-Policy -
Test which headers to configure: https://securityheaders.com/
Ref:
- OWASP: HTTP Headers Cheat Sheet: https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Headers_Cheat_Sheet.html
Edited by Janna