Author: fanningpj
Date: Wed Feb 28 12:59:13 2024
New Revision: 1916041
URL: http://svn.apache.org/viewvc?rev=1916041&view=rev
Log:
re-enable some security headers
Modified:
poi/site/publish/.htaccess
Modified: poi/site/publish/.htaccess
URL:
http://svn.apache.org/viewvc/poi/site/publish/.htaccess?rev=1916041&r1=1916040&r2=1916041&view=diff
==============================================================================
--- poi/site/publish/.htaccess (original)
+++ poi/site/publish/.htaccess Wed Feb 28 12:59:13 2024
@@ -24,11 +24,11 @@ RewriteRule ^apidocs/org/(.*)$ /apido
RewriteRule ^apidocs/(overview*)$ /apidocs/dev/$1 [R=permanent]
# Security Headers
-# Header set Strict-Transport-Security "max-age=31536000"
-# Header set Content-Security-Policy "frame-src 'self' ;"
+Header set Strict-Transport-Security "max-age=31536000"
+Header set Content-Security-Policy "frame-src 'self' ;"
# Header set Content-Security-Policy "default-src 'self'
https://poi.apache.org/ ; style-src 'self' https://poi.apache.org/
'unsafe-inline' ; script-src 'self' https://poi.apache.org/ 'unsafe-inline' ;
frame-src 'self' ;"
-# Header always set X-Frame-Options SAMEORIGIN
-# Header set X-Content-Type-Options nosniff
-# Header set X-XSS-Protection "1; mode=block"
-# Header set Referrer-Policy: strict-origin
+Header always set X-Frame-Options SAMEORIGIN
+Header set X-Content-Type-Options nosniff
+Header set X-XSS-Protection "1; mode=block"
+Header set Referrer-Policy: strict-origin
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
