authorChristoph (Sheogorath) Kern2018-02-12 22:23:19 +0100
committerGitHub2018-02-12 22:23:19 +0100
commite79373883390f28b2154b4892fee7cf466add58a (patch)
treef4c3b59ac82599148883da0d35bb0a2ed491199e
parentbb5e021f201c8ad83fe2736dee0faef123bfca50 (diff)
parent714504618c19bbdb8e160a2fc8c9cda32ec4ce76 (diff)
Merge pull request #725 from SISheogorath/fix/referrerPolicy
Add referrer policy
-rw-r--r--app.js7
1 files changed, 7 insertions, 0 deletions
diff --git a/app.js b/app.js
index b7d493e0..0db65e94 100644
--- a/app.js
+++ b/app.js
@@ -110,6 +110,13 @@ if (config.hsts.enable) {
logger.info('https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security')
}
+// Add referrer policy to improve privacy
+app.use(
+ helmet.referrerPolicy({
+ policy: 'same-origin'
+ })
+)
+
// Generate a random nonce per request, for CSP with inline scripts
app.use(csp.addNonceToLocals)
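Review bot: The value at `policy: 'same-origin'` is hard-coded, while the HSTS block whose tail is visible at the top of the hunk is gated on `config.hsts.enable` (that block starts outside the hunk). A deployment that needs a different referrer policy therefore has to patch app.js; reading the value from the existing config object with `'same-origin'` as the default would keep it consistent with the neighbouring security headers. The comment could also state the concrete effect, e.g. `// Send the Referer header only on same-origin requests so page URLs are not disclosed to externally linked sites`. Browsers that do not recognise the `same-origin` token ignore the header and use their own default, so this protection is best-effort on older clients and is worth noting in the docs.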