Merge pull request #725 from SISheogorath/fix/referrerPolicy
Add referrer policy
This commit is contained in:
Christoph (Sheogorath) Kern
GitHub
commit
e793738833
1 changed files with 7 additions and 0 deletions
7
app.js
7
app.js
|
|
@ -110,6 +110,13 @@ if (config.hsts.enable) {
|
|||
logger.info('https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security')
|
||||
}
|
||||
|
||||
// Add referrer policy to improve privacy
|
||||
app.use(
|
||||
helmet.referrerPolicy({
|
||||
policy: 'same-origin'
|
||||
})
|
||||
)
|
||||
|
||||
// Generate a random nonce per request, for CSP with inline scripts
|
||||
app.use(csp.addNonceToLocals)
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue