Closed TheTechArch closed 4 weeks ago
Verified response headers are now set:
referer-policy: no-referer
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 0
@jonkjetiloye - does that mean this can be closed?
@sivaglen has then only verified that the security headers are set. @TheTechArch how else do we get CORS/XSRF checked?
Description
We need to set the recommended security headers in BFF. See https://github.com/Altinn/app-lib-dotnet/blob/main/src/Altinn.App.Api/Infrastructure/Middleware/SecurityHeadersMiddleware.cs
Additional Information
No response
Tasks
Acceptance Criteria
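One way to turn the header verification discussed in this thread into a repeatable check over a captured response, as an added example that is not part of the issue or of the Altinn code base. The expected values, the function names and both sample responses are assumptions constructed here; `Referrer-Policy: no-referrer` is the registered spelling that browsers act on, so the check flags the single-r form separately.

```python
# Added example: expected values are assumptions based on the headers named in this thread.
EXPECTED = {
    "referrer-policy": {"no-referrer"},
    "x-content-type-options": {"nosniff"},
    "x-frame-options": {"deny"},
    "x-xss-protection": {"0"},
}
# Header names that look right in a review but are ignored by browsers.
LOOKALIKES = {"referer-policy": "referrer-policy"}

def parse_headers(raw):
    """Parse a raw HTTP response head into {lowercased name: [values]}."""
    headers = {}
    for line in raw.splitlines()[1:]:      # skip the status line
        if not line.strip():               # blank line ends the header block
            break
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def check_security_headers(raw):
    """Return a list of findings; an empty list means every expected header is set."""
    headers = parse_headers(raw)
    findings = []
    for name, allowed in EXPECTED.items():
        values = headers.get(name)
        if values is None:
            findings.append(f"missing: {name}")
        elif len(values) > 1:              # duplicates are handled inconsistently by clients
            findings.append(f"duplicate: {name}")
        elif values[0].lower() not in allowed:
            findings.append(f"unexpected value: {name}: {values[0]}")
    for wrong, right in LOOKALIKES.items():
        if wrong in headers:
            findings.append(f"misspelled: {wrong} (browsers only honour {right})")
    return findings

# Constructed sample responses (not captured from the real service).
GOOD = ("HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n"
        "Referrer-Policy: no-referrer\r\nX-Content-Type-Options: nosniff\r\n"
        "X-Frame-Options: DENY\r\nX-XSS-Protection: 0\r\n\r\n<html></html>")
BAD = ("HTTP/1.1 200 OK\nreferer-policy: no-referer\n"
       "x-content-type-options: nosniff\nx-frame-options: sameorigin\n\n")

if __name__ == "__main__":
    for label, raw in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, check_security_headers(raw) or "all expected headers set")
```
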