9 lines
405 B
YAML
9 lines
405 B
YAML
---
|
|
security:
|
|
- |
|
|
The following headers were added as additional default (and static) values.
|
|
`X-Content-Type-Options nosniff`, `X-XSS-Protection "1; mode=block"`, and
|
|
`Content-Security-Policy "default-src 'self' https: wss:;"`. Additionally,
|
|
the `X-Frame-Options DENY` header was added, defaulting to DENY. You may
|
|
override the header via the `keystone_x_frame_options` variable.
|