You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I suggest setting X-XSS-Protection: 1 in HTTP response header by default. With this setting, Yesod can force browsers to enable XSS filtering. I think it allows us to enforce Yesod's security.
Putting addHeader into defaultYesodMiddleware or modifying stack-template would work.
The text was updated successfully, but these errors were encountered:
I suggest setting X-XSS-Protection: 1 in HTTP response header by default. With this setting, Yesod can force browsers to enable XSS filtering. I think it allows us to enforce Yesod's security.
Putting
addHeader
intodefaultYesodMiddleware
or modifying stack-template would work.The text was updated successfully, but these errors were encountered: