mirror of https://github.com/MISP/MISP
fix: allow x-frames in apache configs
parent
bb42cf79ba
commit
a6521034f3
|
@ -23,7 +23,7 @@
|
|||
|
||||
Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains;"
|
||||
Header always set X-Content-Type-Options nosniff
|
||||
Header always set X-Frame-Options DENY
|
||||
Header always set X-Frame-Options SAMEORIGIN
|
||||
Header always unset "X-Powered-By"
|
||||
|
||||
# TODO: Think about X-XSS-Protection, Content-Security-Policy, Referrer-Policy & Feature-Policy
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
ServerSignature Off
|
||||
|
||||
Header always set X-Content-Type-Options nosniff
|
||||
Header always set X-Frame-Options DENY
|
||||
Header always set X-Frame-Options SAMEORIGIN
|
||||
Header always unset "X-Powered-By"
|
||||
|
||||
# TODO: Think about X-XSS-Protection, Content-Security-Policy, Referrer-Policy & Feature-Policy
|
||||
|
|
|
@ -47,7 +47,7 @@
|
|||
|
||||
Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains;"
|
||||
Header always set X-Content-Type-Options nosniff
|
||||
Header always set X-Frame-Options DENY
|
||||
Header always set X-Frame-Options SAMEORIGIN
|
||||
Header always unset "X-Powered-By"
|
||||
|
||||
# TODO: Think about X-XSS-Protection, Content-Security-Policy, Referrer-Policy & Feature-Policy
|
||||
|
|
|
@ -16,7 +16,7 @@
|
|||
ServerSignature Off
|
||||
|
||||
Header always set X-Content-Type-Options nosniff
|
||||
Header always set X-Frame-Options DENY
|
||||
Header always set X-Frame-Options SAMEORIGIN
|
||||
Header always unset "X-Powered-By"
|
||||
|
||||
# TODO: Think about X-XSS-Protection, Content-Security-Policy, Referrer-Policy & Feature-Policy
|
||||
|
|
Loading…
Reference in New Issue