Improve website security settings

Totem website:

Enable CSP (if possible)
Add header Strict-Transport-Security "max-age=63072000"
Add header X-Content-Type-Options "nosniff"
Add X-Frame-Options header
Add header X-XSS-Protection "1; mode=block"

Edited Jan 15, 2021 by Maarten de Waard

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information