python-support-infra/stacks/mesh/configs/mesh__traefik_default_middl...

22 lines
784 B
TOML
Raw Normal View History

####################
# - Default Middlewares
####################
[http.middlewares.default.chain]
middlewares = [
"default-security-headers",
]
####################
# - Middleware: Default Security Headers
####################
[http.middlewares.default-security-headers.headers]
browserXssFilter = true # X-XSS-Protection=1; mode=block
contentTypeNosniff = true # X-Content-Type-Options=nosniff
forceSTSHeader = true # Add STS even when using HTTP.
frameDeny = true # X-Frame-Options=deny
referrerPolicy = "strict-origin-when-cross-origin"
sslRedirect = true # Allow only https requests
stsIncludeSubdomains = true # Add includeSubdomains to STS header
stsPreload = true # Add preload flag appended to STS header
stsSeconds = 63072000 # Set max-age of STS header (2 years)