From b5135ce6bf1d82a549766b778e09581e06cf9e82 Mon Sep 17 00:00:00 2001 From: regalijan Date: Thu, 19 Oct 2023 16:50:13 -0400 Subject: [PATCH] Add additional security headers --- functions/_middleware.ts | 3 +++ 1 file changed, 3 insertions(+) diff --git a/functions/_middleware.ts b/functions/_middleware.ts index fcb3fd3..590e7d8 100644 --- a/functions/_middleware.ts +++ b/functions/_middleware.ts @@ -102,10 +102,13 @@ async function setHeaders(context: RequestContext) { "Wintervale", ]; + response.headers.set("Permissions-Policy", "clipboard-write=(self), interest-cohort=()"); + response.headers.set("Referrer-Policy", "same-origin"); response.headers.set( "RTV", rtvValues[Math.round(Math.random() * (rtvValues.length - 1))] ); + response.headers.set("X-Frame-Options", "SAMEORIGIN"); response.headers.set("X-XSS-Protection", "1; mode=block"); return response;