Page MenuHomePhabricator

[e.cash] Add recommended security headers
ClosedPublic

Authored by bytesofman on Jan 20 2024, 15:26.

Details

Reviewers
Fabien
Group Reviewers
Restricted Project
Commits
rABCbe684676739e: [e.cash] Add recommended security headers
Summary

T3395

Add recommended headers.

Note: CSP header is added as 'report-only' so that we can confirm it does not break the site.

ref
https://nextjs.org/docs/pages/api-reference/next-config-js/headers
https://github.com/vercel/next.js/discussions/17991 for source: key to cover whole site

Test Plan
docker build -t ecash_local .
docker run -it --rm -p 3000:3000 ecash_local
curl -I http://localhost:3000

Confirm terminal output includes headers

Diff Detail

Repository
rABC Bitcoin ABC
Lint
Lint Not Applicable
Unit
Tests Not Applicable