feat: Add security headers to all routes

2024-09-05 16:51:54 +05:30 · 2024-09-05 16:51:54 +05:30 · 1d633b7556
commit 1d633b7556
parent 0e8a6abe82
1 changed files with 21 additions and 0 deletions
--- a/next.config.mjs
+++ b/next.config.mjs
@ -1,5 +1,26 @@
 /** @type {import('next').NextConfig} */
 const nextConfig = {
+    async headers() {
+        return [
+            {
+                source: '/(.*)',
+                headers: [
+                    {
+                        key: 'X-Content-Type-Options',
+                        value: 'nosniff',
+                    },
+                    {
+                        key: 'X-Frame-Options',
+                        value: 'DENY',
+                    },
+                    {
+                        key: 'Referrer-Policy',
+                        value: 'strict-origin-when-cross-origin',
+                    },
+                ],
+            },
+        ]
+    },
    images: {
        dangerouslyAllowSVG: true,
        remotePatterns: [