Add script to create security headers in portal

hemilabs · Aug 22, 2024 · 102cc7a · 102cc7a
1 parent 522d52d
commit 102cc7a
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 0 deletions.
diff --git a/webapp/.htaccess b/webapp/.htaccess
@@ -0,0 +1,27 @@
+<IfModule mod_headers.c>
+    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+</IfModule>
+
+<IfModule mod_headers.c>
+    Header always set X-Frame-Options "SAMEORIGIN"
+</IfModule>
+
+<IfModule mod_headers.c>
+    Header always set X-Content-Type-Options "nosniff"
+</IfModule>
+
+<IfModule mod_headers.c>
+    Header always set X-XSS-Protection "1; mode=block"
+</IfModule>
+
+<IfModule mod_headers.c>
+    Header always set X-Download-Options "noopen"
+</IfModule>
+
+<IfModule mod_headers.c>
+    Header always set Expect-CT "max-age=86400, enforce"
+</IfModule>
+
+<IfModule mod_headers.c>
+    Header always set Referrer-Policy "no-referrer-when-downgrade"
+</IfModule>
diff --git a/webapp/package.json b/webapp/package.json
@@ -3,9 +3,11 @@
   "version": "1.0.0",
   "scripts": {
     "build": "next build",
+    "copy:htaccess": "cp .htaccess out/.htaccess",
     "dev": "next dev",
     "dev:wifi": "WIFI=true LOCAL_IP=$(ipconfig getifaddr en0) PORT=3000 npm run dev",
     "deploy": "npm run build",
+    "postbuild": "npm run copy:htaccess",
     "preserve": "npm run build",
     "serve": "serve out"
   },