Cross Reference: security_headers.rb
xref
: /
ontohub
/
config
/
initializers
/
security_headers.rb
security_headers.rb revision b049c4f1eb105fffb64f9c614c54e95137875dba
# Sets the HTTP security response headers through the SecureHeaders gem's
# global configuration block. The values below are unchanged from the
# original; NOTE(review) comments mark settings worth confirming.
::SecureHeaders::Configuration.configure do |headers|
  # Strict-Transport-Security. max-age is expressed in seconds, so 99 keeps
  # the HTTPS-only pin for under two minutes after each response.
  # NOTE(review): this looks like a rollout/testing value; a browser that has
  # not visited within the window is again exposed to a plain-HTTP downgrade.
  # Confirm every subdomain serves HTTPS before raising it, because
  # include_subdomains extends the policy to all of them.
  headers.hsts = { max_age: 99, include_subdomains: true }

  # X-Frame-Options: DENY refuses rendering of responses inside any frame
  # (clickjacking defence).
  headers.x_frame_options = "DENY"

  # X-Content-Type-Options: nosniff tells browsers not to MIME-sniff a
  # response away from its declared Content-Type.
  headers.x_content_type_options = "nosniff"

  # X-XSS-Protection with value 1 and no mode.
  # NOTE(review): presumably this emits the header without "mode=block";
  # confirm against the installed secure_headers version.
  headers.x_xss_protection = { value: 1, mode: false }

  # Content-Security-Policy.
  # NOTE(review): default_src is written as a bare "self" while style_src
  # uses the quoted "'self'". Whether the gem adds the quotes depends on its
  # version; check the emitted header, since an unquoted self in a CSP is read
  # as a host name rather than the same-origin keyword.
  # 'unsafe-inline' in style_src permits inline <style> blocks and style
  # attributes, which weakens the policy against injected markup.
  # disable_chrome_extension is a gem-specific option; its effect is not
  # visible from this file.
  headers.csp = {
    default_src: "self",
    style_src: "'self' 'unsafe-inline'",
    disable_chrome_extension: true
  }
end