-rw-r--r--app.js7
1 files changed, 7 insertions, 0 deletions
diff --git a/app.js b/app.js
index b7d493e0..0db65e94 100644
--- a/app.js
+++ b/app.js
@@ -110,6 +110,13 @@ if (config.hsts.enable) {
logger.info('https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security')
}
+// Add referrer policy to improve privacy
+app.use(
+ helmet.referrerPolicy({
+ policy: 'same-origin'
+ })
+)
+
// Generate a random nonce per request, for CSP with inline scripts
app.use(csp.addNonceToLocals)
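Review bot: The new `helmet.referrerPolicy` call is unconditional and hard-codes `'same-origin'`, whereas the HSTS block just above it is gated on `config.hsts.enable`. A deployment that needs a different policy has no way to change it without editing `app.js`. Consider reading the value from config, with `'same-origin'` as the default. The comment could also state the effect rather than the goal, e.g. `// Send the Referer header only on same-origin requests, so page URLs are not disclosed to external sites`. This is enforced by the browser, so clients that do not implement Referrer-Policy will still send the full referrer on outbound links.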