Author: fanningpj
Date: Sat Feb 17 19:29:48 2024
New Revision: 1915850
URL: http://svn.apache.org/viewvc?rev=1915850&view=rev
Log:
try to set security headers
Modified:
poi/site/publish/.htaccess
Modified: poi/site/publish/.htaccess
URL:
http://svn.apache.org/viewvc/poi/site/publish/.htaccess?rev=1915850&r1=1915849&r2=1915850&view=diff
==============================================================================
--- poi/site/publish/.htaccess (original)
+++ poi/site/publish/.htaccess Sat Feb 17 19:29:48 2024
@@ -27,7 +27,8 @@ RewriteRule ^apidocs/(overview*)$ /apido
# Security Headers
Header set Strict-Transport-Security "max-age=31536000"
-Header set Content-Security-Policy "default-src 'self' https://poi.apache.org/
; style-src 'self' https://poi.apache.org/ 'unsafe-inline' ; script-src 'self'
https://poi.apache.org/ 'unsafe-inline' ; frame-src 'self' ;"
+Header set Content-Security-Policy "frame-src 'self' ;"
+# Header set Content-Security-Policy "default-src 'self'
https://poi.apache.org/ ; style-src 'self' https://poi.apache.org/
'unsafe-inline' ; script-src 'self' https://poi.apache.org/ 'unsafe-inline' ;
frame-src 'self' ;"
Header always set X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
Header set X-XSS-Protection "1; mode=block"
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
