mirror of
https://github.com/logto-io/logto.git
synced 2024-12-16 20:26:19 -05:00
parent
b40bae9c5b
commit
9faa9841c5
1 changed files with 1 additions and 0 deletions
|
@ -56,6 +56,7 @@ export default function koaSecurityHeaders<StateT, ContextT, ResponseBodyT>(
|
|||
|
||||
const basicSecurityHeaderSettings: HelmetOptions = {
|
||||
contentSecurityPolicy: false, // Exclusively set per app
|
||||
crossOriginOpenerPolicy: false, // Allow cross origin opener, as some apps rely on popup window for the sign-in flow
|
||||
crossOriginEmbedderPolicy: { policy: 'credentialless' },
|
||||
dnsPrefetchControl: false,
|
||||
referrerPolicy: {
|
||||
|
|
Loading…
Reference in a new issue