Use "always" condition for security headers
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
This commit is contained in:
parent
3f2932c75a
commit
bd9403d3da
14
.htaccess
14
.htaccess
|
@ -11,13 +11,13 @@
|
|||
|
||||
<IfModule mod_env.c>
|
||||
# Add security and privacy related headers
|
||||
Header set Referrer-Policy "no-referrer"
|
||||
Header set X-Content-Type-Options "nosniff"
|
||||
Header set X-Download-Options "noopen"
|
||||
Header set X-Frame-Options "SAMEORIGIN"
|
||||
Header set X-Permitted-Cross-Domain-Policies "none"
|
||||
Header set X-Robots-Tag "none"
|
||||
Header set X-XSS-Protection "1; mode=block"
|
||||
Header always set Referrer-Policy "no-referrer"
|
||||
Header always set X-Content-Type-Options "nosniff"
|
||||
Header always set X-Download-Options "noopen"
|
||||
Header always set X-Frame-Options "SAMEORIGIN"
|
||||
Header always set X-Permitted-Cross-Domain-Policies "none"
|
||||
Header always set X-Robots-Tag "none"
|
||||
Header always set X-XSS-Protection "1; mode=block"
|
||||
SetEnv modHeadersAvailable true
|
||||
</IfModule>
|
||||
|
||||
|
|
Loading…
Reference in New Issue