Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Header always set Content-Security-Policy "default-src https: data: 'unsafe-inline' 'unsafe-eval'"
- Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
- Header always set X-Frame-Options "SAMEORIGIN"
- Header always set X-Xss-Protection "1; mode=block"
- Header always set X-Content-Type-Options "nosniff"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement