mirror of
https://github.com/logto-io/logto.git
synced 2024-12-16 20:26:19 -05:00
1c431e7a59
* feat(core): add some basic security headers add some basic security headers * chore(core): add some comments add some comments * chore(core): update the refererPolicy configs update the refererPolicy configs * chore(core): update helmet middleware update helmet middleware * feat(core): add csp headers to the mainflow and ac http requests 2/2 (#3613) * feat(core): add csp headers to the mainflow requests add csp headers to the mainflow requests * chore(core): add ui and console security headers add ui and console security headers * fix(core): remove unused middleware remove unused middleware * fix(ui): set terms iframe sandbox set terms iframe sandbox allow same origin * fix(core): update security headers middleware update security headers middleware * chore(core): add changesets * chore(core): address rebase conflict address rebase conflict
423 B
423 B
@logto/console | @logto/core | @logto/shared | @logto/ui |
---|---|---|---|
patch | patch | patch | patch |
Apply security headers
Apply security headers to logto http request response using (helmetjs)[https://helmetjs.github.io/].
[x] crossOriginOpenerPolicy [x] crossOriginEmbedderPolicy [x] crossOriginResourcePolicy [x] hidePoweredBy [x] hsts [x] ieNoOpen [x] noSniff [x] referrerPolicy [x] xssFilter [x] Content-Security-Policy