ac65a37b0b
Added new X-Content-Type-Options: nosniff header to make sure the browser does not try to detect a different Content-Type than what is actually sent (can lead to XSS) Added new X-Frame-Options: sameorigin header to protect against drag and drop clickjacking attacks in older browsers Added new Content-Security-Policy: script-src self for implementation Added new HTTP Security header X-XSS-Protection:1 mode=block to sanitize the page, when a XSS attack is detected, the browser will prevent rendering of the page Change-Id: Ic79bbb96484a7f1a497c001883783338fd26a47a |
||
|---|---|---|
| .. | ||
| templates | ||
| Chart.yaml | ||
| requirements.yaml | ||
| values.yaml | ||