9c96f0fd57
Reponse headers now include the following: - X-Content-Type-Options: nosniff - X-Frame-Options: DENY - Strict-Transport-Security: max-age=63072000 - Only when HTTPS_ONLY is set https://infosec.mozilla.org/guidelines/web_security#http-strict-transport-security https://infosec.mozilla.org/guidelines/web_security#x-content-type-options https://infosec.mozilla.org/guidelines/web_security#x-frame-options |
||
---|---|---|
.. | ||
models | ||
static | ||
templates | ||
utils | ||
__init__.py | ||
__main__.py | ||
filter.py | ||
request.py | ||
routes.py |