admin/goodgo-platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
18b5980f296c13d33e8415079564fa794ddab70e
goodgo-platform/docker-compose.ci.yml
Ho Ngoc Hai 017d85247e fix(security): harden security headers across API and Web apps 
- API: set X-Frame-Options to DENY via frameguard, add Permissions-Policy header, widen CSP connect-src for Swagger CDN
- Web: add HSTS header (1yr, includeSubDomains, preload), add payment=(self) to Permissions-Policy, make localhost:3001 in CSP connect-src dev-only

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-04-10 20:10:22 +07:00

1.9 KiB
Raw Blame History

View Raw
Reference in New Issue View Git Blame Copy Permalink