
Commit a4e34bb

authored
Merge pull request #28 from primeqa/26-dast-security-mitigations
fix (security): Implements #26 DAST security mitigations
2 parents 2356ad3 + 54d9c5f commit a4e34bb


2 files changed

+7
-0
lines changed


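--- a/nginx.conf
+++ b/nginx.conf
@@ -1,5 +1,8 @@
 server {
 
+server_tokens off;
+add_header 'Referrer-Policy' 'origin';
+
 location / {
 root /usr/share/nginx/html/;
 include /etc/nginx/mime.types;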
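Review bot: The `add_header` on new line 4 lacks the `always` parameter, so nginx attaches Referrer-Policy only to its fixed list of success and redirect status codes and 4xx/5xx responses go out without it; `add_header Referrer-Policy 'origin' always;` covers them. nginx also inherits `add_header` from the server level only when the inner block declares none of its own, and the `location /` block continues past the hunk, so any `add_header` inside it would silently drop this one. The value `origin` still sends the origin on an HTTPS-to-HTTP downgrade; `strict-origin` or `strict-origin-when-cross-origin` avoids that if nothing depends on the current behaviour.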

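--- a/public/index.html
+++ b/public/index.html
@@ -18,6 +18,7 @@
 <head>
 <meta charset="utf-8" />
 <link rel="icon" href="%PUBLIC_URL%/favicon.ico" />
+<meta name="referrer" content="origin" />
 <meta name="viewport" content="width=device-width, initial-scale=1" />
 <meta
 name="description"
@@ -44,6 +45,9 @@
 <script
 type="text/javascript"
 src="https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js"
+integrity="sha384-lifoBlbdwizTl3Yoe612uhI3AcOam/QtWkozF7SuiACaf5UJl5reOYu4MigVxrCH"
+crossOrigin="anonymous"
+data-integrity-bad="sha384-K//nZc8vZ68YQ8QUGSmaDbIyGMsLsGLvnG51fC4z4ysDZJG8nXE05BkPxg+b/pVI"
 ></script>
 <script type="text/javascript" src="%PUBLIC_URL%/env.js"></script>
 <div id="app" class="container"></div>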
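Review bot: The `data-integrity-bad` attribute on new line 50 means nothing to the browser and ships a second, apparently rejected, sha384 digest next to the real `integrity` value; it looks like a leftover from testing and should be dropped so nobody later swaps the two. The page does not show which digest matches the CDN file, so recompute it from the downloaded file before merge (`openssl dgst -sha384 -binary jquery.min.js | openssl base64 -A`), since a mismatch makes the browser refuse the script. Pinning with SRI also freezes the page on jQuery 1.8.3, a release that predates later jQuery security fixes, so an upgrade or a reviewed self-hosted copy would be the more durable mitigation. `crossOrigin` works because HTML attribute names are case-insensitive, but lowercase `crossorigin` is the conventional spelling in markup.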
