From 1d633b7556c75d7b7b867617f41ca36a31b9b859 Mon Sep 17 00:00:00 2001
From: zaidmukaddam <zaidaltafmukaddam@gmail.com>
Date: Thu, 5 Sep 2024 16:51:54 +0530
Subject: [PATCH] feat: Add security headers to all routes

---
 next.config.mjs | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/next.config.mjs b/next.config.mjs
index 9d6a08a..cf3f647 100644
--- a/next.config.mjs
+++ b/next.config.mjs
@@ -1,5 +1,26 @@
 /** @type {import('next').NextConfig} */
 const nextConfig = {
+    async headers() {
+        return [
+            {
+                source: '/(.*)',
+                headers: [
+                    {
+                        key: 'X-Content-Type-Options',
+                        value: 'nosniff',
+                    },
+                    {
+                        key: 'X-Frame-Options',
+                        value: 'DENY',
+                    },
+                    {
+                        key: 'Referrer-Policy',
+                        value: 'strict-origin-when-cross-origin',
+                    },
+                ],
+            },
+        ]
+    },
     images: {
         dangerouslyAllowSVG: true,
         remotePatterns: [