From bc68f9b668a4d85d3b7aeda576472da264ccdc94 Mon Sep 17 00:00:00 2001
From: Yevhenii Volosiuk
Date: Wed, 18 Dec 2024 13:01:58 +0100
Subject: [PATCH 1/2] fix: Referrer-Policy
---
 .../fpm-apache/etc/apache2/conf-available/security.conf | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/variations/fpm-apache/etc/apache2/conf-available/security.conf b/src/variations/fpm-apache/etc/apache2/conf-available/security.conf
index 43957f476..c1b5ed798 100644
--- a/src/variations/fpm-apache/etc/apache2/conf-available/security.conf
+++ b/src/variations/fpm-apache/etc/apache2/conf-available/security.conf
@@ -84,15 +84,15 @@ Header always set X-Frame-Options: "sameorigin"
 #
 # Referrer policy
 #
-Header always set Referrer-Policy "no-referrer-when-downgrade"
+Header always set Referrer-Policy "strict-origin-when-cross-origin"
 #
 # Content Security Policy
 # UPDATE - September 2020: Commenting this out until we grasp better security requirements
-#
+#
 #Header always set Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'"
 #
 # Strict-Transport-Security Policy (set HSTS)
 #
-Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
\ No newline at end of file
+Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains";
From 5e88aec39ee5b2f5c53c1ecc7d89347edf5470ce Mon Sep 17 00:00:00 2001
From: Yevhenii Volosiuk
Date: Wed, 18 Dec 2024 13:04:54 +0100
Subject: [PATCH 2/2] chore: update .gitignore to exclude IDEA files"
---
 .gitignore | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/.gitignore b/.gitignore
index cbc1be6a1..6b736ff00 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,7 +1,9 @@
 # Ensure node files do not appear
+.idea
+vscode
 package-lock.json
 package.json
 yarn.lock
 node_modules
 php-versions.yml
-*.tmp
\ No newline at end of file
+*.tmp
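Review bot: The rewritten Strict-Transport-Security line at the end of the security.conf hunk now ends with a `;` after the closing quote, and Apache directives are not semicolon-terminated. Apache will most likely read the `;` as an extra argument to `Header` and reject the configuration at load time, or at best handle it inconsistently between versions, so the HSTS header this file is meant to guarantee becomes unreliable. The line should stay `Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"`, with only the missing end-of-file newline added, and the image build should run `apachectl configtest` to catch this class of error. This edit is also outside the commit's stated scope of Referrer-Policy. The switch to `strict-origin-when-cross-origin` itself looks sound and could carry a short comment such as `# Cross-origin requests get the origin only; nothing is sent on HTTPS->HTTP downgrade`.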
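Review bot: The added `vscode` entry in the .gitignore hunk matches a path literally named `vscode`, whereas VS Code keeps its workspace settings in `.vscode`. It was probably meant to be `.vscode`, parallel to the `.idea` line added above it; as written, editor settings files (which can hold local paths or tokens) would still be picked up by `git add`. Both new entries also sit directly under `# Ensure node files do not appear`, so a separate comment line such as `# IDE / editor files` before them would keep the file accurate.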