Tom Hughes
|
d987416901
|
Allow apache to control the HSTS setting
|
2018-01-11 19:44:20 +00:00 |
|
Tom Hughes
|
b396c8cbe5
|
Allow apache to control the HSTS setting
|
2018-01-11 19:20:07 +00:00 |
|
Tom Hughes
|
3c4774a5f7
|
Allow images to be loaded from piwik
|
2017-11-23 22:22:01 +00:00 |
|
Tom Hughes
|
18d3392ede
|
Relax cookie security policy
|
2017-11-01 17:48:35 +00:00 |
|
Tom Hughes
|
e7e85db0c8
|
Update secure_headers configuration for upstream changes
|
2017-09-08 16:49:28 +01:00 |
|
Tom Hughes
|
5b33f3f8e3
|
Fix rubocop warnings
|
2017-06-02 00:08:30 +01:00 |
|
Tom Hughes
|
e35748567c
|
Update HSTS to publish a max-age=0 to disable it
|
2017-03-03 11:34:39 +00:00 |
|
Tom Hughes
|
ee12eba234
|
Don't try and modify policy if we don't have one
|
2017-03-02 10:39:18 +00:00 |
|
Tom Hughes
|
c5ef6404f5
|
Improve the content security policy
|
2017-03-01 22:38:24 +00:00 |
|
Tom Hughes
|
40a8e5caf5
|
Add support for Content-Security-Policy
Currently this is report only, and disabled unless a report URL has
been set in the application configuration.
|
2017-02-26 19:48:13 +00:00 |
|