the-deep / server

Server for DEEP
https://app.thedeep.io/
GNU Affero General Public License v3.0
9 stars 5 forks source link

Add content security headers #604

Open AdityaKhatri opened 3 years ago

AdityaKhatri commented 3 years ago

https://securityheaders.com/?q=https%3A%2F%2Fapi.alpha.thedeep.io%2Fadmin%2Flogin%2F%3Fnext%3D%2Fadmin%2F&followRedirects=on

https://securityheaders.com/?q=https%3A%2F%2Falpha.thedeep.io%2Flogin%2F%3Fnext%3D%2F&followRedirects=on

Also, figure out if chrome extension breaks after adding the security headers.

thenav56 commented 3 years ago

For Client:

Added CSP Report.