diff options
author | Sheogorath | 2018-02-12 01:29:58 +0100 |
---|---|---|
committer | Sheogorath | 2018-02-12 01:59:48 +0100 |
commit | 714504618c19bbdb8e160a2fc8c9cda32ec4ce76 (patch) | |
tree | f4c3b59ac82599148883da0d35bb0a2ed491199e /public/js/lib/common/constant.ejs | |
parent | bb5e021f201c8ad83fe2736dee0faef123bfca50 (diff) |
Add referrer policy
This commit adds a referrer policy to all requests.
The usage of `same-origin` allows HackMD to still interpret all requests
and this way not break anything. But it prevents 3rd party scripts,
pictures and more to get informations that may lead to not secured note.
It has to be mentioned that this maybe breaks some features of the
Google Analytics embedding. This has to be tested.
Fixes #724
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Diffstat (limited to '')
0 files changed, 0 insertions, 0 deletions