This pull request adds standard security headers to our Fastly properties - ensuring that any application behind our CDN gets these applied! I've also separated out the variables where we set request & response headers (since unlike geolocation headers, we don't need these to be applied in both places).
How should this be reviewed?
You can see the changes made to the list of headers in our frontend & backend service components. These will then get applied consistently to all six properties when we merge & apply this.
What's this PR do?
This pull request adds standard security headers to our Fastly properties - ensuring that any application behind our CDN gets these applied! I've also separated out the variables where we set request & response headers (since unlike geolocation headers, we don't need these to be applied in both places).
How should this be reviewed?
You can see the changes made to the list of headers in our frontend & backend service components. These will then get applied consistently to all six properties when we merge & apply this.
Any background context you want to provide?
🔒
Relevant tickets
References Pivotal #173719273.
Checklist