mvitz
commented
8 years ago We should consider using https://github.com/ring-clojure/ring-defaults which comes bundled with most of the features you would like to add :-)
Open echox opened 8 years ago
mvitz
commented
8 years ago We should consider using https://github.com/ring-clojure/ring-defaults which comes bundled with most of the features you would like to add :-)
Statuses should support and set the common browser security headers, for example Content-Security-Policy, X-XSS-Protection, HSTS and HPKP.
This should be configurable and turned on by default if possible.