mirror of https://github.com/MISP/MISP
fix: allow x-frames in apache configs
parent
bb42cf79ba
commit
a6521034f3
|
@ -23,7 +23,7 @@
|
||||||
|
|
||||||
Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains;"
|
Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains;"
|
||||||
Header always set X-Content-Type-Options nosniff
|
Header always set X-Content-Type-Options nosniff
|
||||||
Header always set X-Frame-Options DENY
|
Header always set X-Frame-Options SAMEORIGIN
|
||||||
Header always unset "X-Powered-By"
|
Header always unset "X-Powered-By"
|
||||||
|
|
||||||
# TODO: Think about X-XSS-Protection, Content-Security-Policy, Referrer-Policy & Feature-Policy
|
# TODO: Think about X-XSS-Protection, Content-Security-Policy, Referrer-Policy & Feature-Policy
|
||||||
|
|
|
@ -24,7 +24,7 @@
|
||||||
ServerSignature Off
|
ServerSignature Off
|
||||||
|
|
||||||
Header always set X-Content-Type-Options nosniff
|
Header always set X-Content-Type-Options nosniff
|
||||||
Header always set X-Frame-Options DENY
|
Header always set X-Frame-Options SAMEORIGIN
|
||||||
Header always unset "X-Powered-By"
|
Header always unset "X-Powered-By"
|
||||||
|
|
||||||
# TODO: Think about X-XSS-Protection, Content-Security-Policy, Referrer-Policy & Feature-Policy
|
# TODO: Think about X-XSS-Protection, Content-Security-Policy, Referrer-Policy & Feature-Policy
|
||||||
|
|
|
@ -47,7 +47,7 @@
|
||||||
|
|
||||||
Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains;"
|
Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains;"
|
||||||
Header always set X-Content-Type-Options nosniff
|
Header always set X-Content-Type-Options nosniff
|
||||||
Header always set X-Frame-Options DENY
|
Header always set X-Frame-Options SAMEORIGIN
|
||||||
Header always unset "X-Powered-By"
|
Header always unset "X-Powered-By"
|
||||||
|
|
||||||
# TODO: Think about X-XSS-Protection, Content-Security-Policy, Referrer-Policy & Feature-Policy
|
# TODO: Think about X-XSS-Protection, Content-Security-Policy, Referrer-Policy & Feature-Policy
|
||||||
|
|
|
@ -16,7 +16,7 @@
|
||||||
ServerSignature Off
|
ServerSignature Off
|
||||||
|
|
||||||
Header always set X-Content-Type-Options nosniff
|
Header always set X-Content-Type-Options nosniff
|
||||||
Header always set X-Frame-Options DENY
|
Header always set X-Frame-Options SAMEORIGIN
|
||||||
Header always unset "X-Powered-By"
|
Header always unset "X-Powered-By"
|
||||||
|
|
||||||
# TODO: Think about X-XSS-Protection, Content-Security-Policy, Referrer-Policy & Feature-Policy
|
# TODO: Think about X-XSS-Protection, Content-Security-Policy, Referrer-Policy & Feature-Policy
|
||||||
|
|
Loading…
Reference in New Issue