Closed arhimede closed 3 years ago
Considering that the general use case for DotKernel API is to communicate (only) with a frontend application, most of these headers are not relevant (except for Permissions-Policy
, which is already implemented via dot-response-header).
Still, if an application needs any of these headers, they can be easily added via dot-response-header's config file.
https://securityheaders.com/
Check if there are realy needed the add extra headers:
Strict-Transport-Security Content-Security-Policy X-Frame-Options X-Content-Type-Options Referrer-Policy Permissions-Policy