add several headers to default apache config

ahh security-related headers
update version
2025-07-17 21:05:37 +02:00 · 2025-07-17 20:54:41 +02:00 · 2025-07-17 12:52:30 +02:00
3 changed files with 6 additions and 2 deletions
--- a/apache2.conf.EXAMPLE
+++ b/apache2.conf.EXAMPLE
@ -32,6 +32,10 @@
      Header set Cache-Control "public,max-age=31536000,immutable"
    </Directory>

+    Header set X-Content-Type-Options "nosniff"
+    Header set Strict-Transport-Security "max-age=15768000; includeSubDomains"
+    Header set X-Frame-Options "DENY"
+
    ProxyPass / http://localhost:3000/
    ProxyPassReverse / http://localhost:3000/

--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "moshing-mammut",
-  "version": "2.0.1",
+  "version": "2.1.0",
  "private": true,
  "license": "LGPL-3.0-or-later",
  "scripts": {
--- a/svelte.config.js
+++ b/svelte.config.js
@ -17,7 +17,7 @@ const config = {
    },
    csp: {
      directives: {
-        'script-src': ['self', 'unsafe-inline'],
+        'script-src': ['self'],
        'base-uri': ['self'],
        'object-src': ['none']
      }
Author	SHA1	Message	Date
Max Nuding	1077491423	add several headers to default apache config	2025-07-17 21:05:37 +02:00
Max Nuding	348fc929d9	ahh security-related headers	2025-07-17 20:54:41 +02:00
Max Nuding	258a813c94	update version	2025-07-17 12:52:30 +02:00