Skip to content
This repository has been archived by the owner on Oct 17, 2022. It is now read-only.

Improve additional security measures #585

Open
6 tasks
luclu opened this issue Apr 30, 2017 · 1 comment
Open
6 tasks

Improve additional security measures #585

luclu opened this issue Apr 30, 2017 · 1 comment
Labels
enhancement

Comments

@luclu
Copy link
Contributor

luclu commented Apr 30, 2017

Investigate recommendations from https://observatory.mozilla.org/analyze.html?host=ethereum.org

  • Content Security Policy (Content Security Policy (CSP) header not implemented)
  • X-Frame-Options (X-Frame-Options (XFO) header not implemented)
  • HTTP Strict Transport Security (HTTP Strict Transport Security (HSTS) header not implemented)
  • X-XSS-Protection (X-XSS-Protection header not implemented)
  • Subresource Integrity (Subresource Integrity (SRI) not implemented, but all external scripts are loaded over https)
  • X-Content-Type-Options (X-Content-Type-Options header not implemented)
@peternewnham
Copy link

This might give some pointers in how to achieve this https://medium.com/@tom.cook/edge-lambda-cloudfront-custom-headers-3d134a2c18a2

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@peternewnham @luclu