mirror of
https://github.com/php-flasher/php-flasher.git
synced 2026-03-31 15:07:47 +01:00
Younes ENNAJI
34 lines
1.0 KiB
YAML
34 lines
1.0 KiB
YAML
# nelmio_security:
|
|
# # prevents framing of the entire site
|
|
# clickjacking:
|
|
# paths:
|
|
# '^/.*': DENY
|
|
#
|
|
# # disables content type sniffing for script resources
|
|
# content_type:
|
|
# nosniff: true
|
|
#
|
|
# # forces Microsoft's XSS-Protection with
|
|
# # its block mode
|
|
# xss_protection:
|
|
# enabled: true
|
|
# mode_block: true
|
|
#
|
|
# # Send a full URL in the `Referer` header when performing a same-origin request,
|
|
# # only send the origin of the document to secure destination (HTTPS->HTTPS),
|
|
# # and send no header to a less secure destination (HTTPS->HTTP).
|
|
# # If `strict-origin-when-cross-origin` is not supported, use `no-referrer` policy,
|
|
# # no referrer information is sent along with requests.
|
|
# referrer_policy:
|
|
# enabled: true
|
|
# policies:
|
|
# - 'no-referrer'
|
|
# - 'strict-origin-when-cross-origin'
|
|
#
|
|
# csp:
|
|
# enabled: true
|
|
#
|
|
# enforce:
|
|
# script-src:
|
|
# - 'self'
|