JeroenED/website
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Updated security

Browse Source
This commit is contained in:
Jeroen De Meerleer 2023-08-04 14:27:37 +02:00
parent 27a4295589
commit 98781357b9
Signed by: JeroenED
GPG Key ID: 28CCCB8F62BFADD6
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
config/packages/nelmio_security.yaml
View File

@ -14,6 +14,11 @@ nelmio_security:
enabled: true enabled: true
mode_block: true mode_block: true
forced_ssl:
hsts_max_age: 31536000 # 1 year
hsts_preload: true
hsts_subdomains: true
# Send a full URL in the `Referer` header when performing a same-origin request, # Send a full URL in the `Referer` header when performing a same-origin request,
# only send the origin of the document to secure destination (HTTPS->HTTPS), # only send the origin of the document to secure destination (HTTPS->HTTPS),
# and send no header to a less secure destination (HTTPS->HTTP). # and send no header to a less secure destination (HTTPS->HTTP).
@ -31,7 +36,6 @@ nelmio_security:
level1_fallback: false level1_fallback: false
browser_adaptive: browser_adaptive:
enabled: false enabled: false
report-uri: '%router.request_context.base_url%/nelmio/csp/report'
default-src: default-src:
- 'none' - 'none'
script-src: script-src: