diff options
Diffstat (limited to 'fleet/modules/web.nix')
| -rw-r--r-- | fleet/modules/web.nix | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/fleet/modules/web.nix b/fleet/modules/web.nix index 709b1e4..97b67ca 100644 --- a/fleet/modules/web.nix +++ b/fleet/modules/web.nix @@ -28,6 +28,7 @@ header { Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" + # TODO(V): Consider relaxing this a bit. Disabling JavaScript is bound to result in subtle breakage. Content-Security-Policy "script-src 'none'; object-src 'none'" Permissions-Policy "interest-cohort=()" X-Clacks-Overhead "GNU Terry Pratchett" |