Fossorial
Feature Requests: Security Headers and methods #57
klisza1993
started this conversation in
Feature Requests
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi, I would appreciate to have an option setup Security Headers from GUI like:
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; script-src 'self' https://trusted-scripts.com; object-src 'none'
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: geolocation=(), camera=(), microphone=()
Access-Control-Allow-Origin: https://example.com
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Expect-CT: max-age=86400, enforce, report-uri="https://example.com/report"
Server: SecureProxy -> this one should be always be removed from http/s traffic, with that being said, an option to remove headers like example "Server" etc
Lastly, to be able to set http method like: get,put,post,option,delete etc
Beta Was this translation helpful? Give feedback.
All reactions