Add HTTP response headers for improved security (#669)

* Add HTTP response headers for improved security This reverts commit 4c3e1f8.
mmistakes · Feb 14, 2019 · afd8b39 · afd8b39
1 parent 1e7480b
commit afd8b39
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/netlify.toml b/netlify.toml
@@ -1,3 +1,12 @@
 [build]
   command = "gulp build --prod"
   publish = "dist"
+
+[[headers]]
+  for = "/*"
+  [headers.values]
+    Strict-Transport-Security = "max-age=31536000; includeSubDomains; preload"
+    X-Frame-Options = "DENY"
+    X-XSS-Protection = "1; mode=block"
+    Referrer-Policy = "no-referrer"
+    X-Content-Type-Options = "nosniff"