mirror of
https://github.com/overleaf/overleaf.git
synced 2024-12-27 10:11:04 +00:00
Merge pull request #605 from sharelatex/ta-remove-extra-headers
Remove extra security headers
This commit is contained in:
commit
046c0b856d
2 changed files with 3 additions and 3 deletions
|
@ -153,6 +153,9 @@ webRouter.use (req, res, next) ->
|
|||
dnsPrefetchControl: false
|
||||
referrerPolicy: { policy: 'origin-when-cross-origin' }
|
||||
noCache: isLoggedIn || isProjectPage
|
||||
noSniff: false
|
||||
hsts: false
|
||||
frameguard: false
|
||||
})(req, res, next)
|
||||
|
||||
profiler = require "v8-profiler"
|
||||
|
|
|
@ -5,9 +5,6 @@ request = require('./helpers/request')
|
|||
|
||||
assert_has_common_headers = (response) ->
|
||||
headers = response.headers
|
||||
assert.equal(headers['x-frame-options'], 'SAMEORIGIN')
|
||||
assert.equal(headers['strict-transport-security'], 'max-age=15552000; includeSubDomains')
|
||||
assert.equal(headers['x-content-type-options'], 'nosniff')
|
||||
assert.equal(headers['x-download-options'], 'noopen')
|
||||
assert.equal(headers['x-xss-protection'], '1; mode=block')
|
||||
assert.equal(headers['referrer-policy'], 'origin-when-cross-origin')
|
||||
|
|
Loading…
Reference in a new issue