Commit 54d9c5f

author
Hernan Rojek Moriceau
committed
fix (security): Implements #26 DAST security mitigations
1 parent d25f6e0 commit 54d9c5f

2 files changed

+7
-0
lines changed

nginx.conf

Lines changed: 3 additions & 0 deletions
@@ -1,5 +1,8 @@
11
server {
22

3+
server_tokens off;
4+
add_header 'Referrer-Policy' 'origin';
5+
36
location / {
47
root /usr/share/nginx/html/;
58
include /etc/nginx/mime.types;
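
Review bot: `add_header 'Referrer-Policy' 'origin';` at server level lacks the `always` parameter, so nginx attaches it only on a fixed set of 2xx and 3xx response codes and omits it on error responses such as 404 or 500; write `add_header 'Referrer-Policy' 'origin' always;`. nginx also stops inheriting server-level `add_header` directives in any `location` that declares its own, so if `location /` (cut off in this hunk) or a later block adds a header, Referrer-Policy has to be repeated there. `server_tokens off;` is fine as written.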

public/index.html

Lines changed: 4 additions & 0 deletions
@@ -18,6 +18,7 @@
1818
<head>
1919
<meta charset="utf-8" />
2020
<link rel="icon" href="%PUBLIC_URL%/favicon.ico" />
21+
<meta name="referrer" content="origin" />
2122
<meta name="viewport" content="width=device-width, initial-scale=1" />
2223
<meta
2324
name="description"
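
Review bot: the `<meta name="referrer" content="origin" />` line duplicates the policy that nginx.conf sets as a response header in this same commit, and nothing ties the two values together; add a comment naming which one is the primary control, or drop one, so a later change does not leave them disagreeing. The value `origin` also sends the origin on requests from HTTPS to HTTP; `strict-origin` keeps the same granularity without that downgrade case, if the finding in #26 allows it.
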
@@ -44,6 +45,9 @@
4445
<script
4546
type="text/javascript"
4647
src="https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js"
48+
integrity="sha384-lifoBlbdwizTl3Yoe612uhI3AcOam/QtWkozF7SuiACaf5UJl5reOYu4MigVxrCH"
49+
crossOrigin="anonymous"
50+
data-integrity-bad="sha384-K//nZc8vZ68YQ8QUGSmaDbIyGMsLsGLvnG51fC4z4ysDZJG8nXE05BkPxg+b/pVI"
4751
></script>
4852
<script type="text/javascript" src="%PUBLIC_URL%/env.js"></script>
4953
<div id="app" class="container"></div>
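
Review bot: the `data-integrity-bad` attribute on the jQuery `<script>` tag is undocumented and has no effect, since browsers evaluate only `integrity` for Subresource Integrity and ignore `data-*` attributes; remove it, or add a comment explaining why a second sha384 value ships in the markup. Before merge, confirm the `integrity` value against the file actually served at the `src` URL, because on a mismatch the browser refuses to run the script and everything depending on jQuery breaks. `crossOrigin` works here because HTML attribute names are case-insensitive, but lowercase `crossorigin` matches the other attributes in the file.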
