Skip to content
GitLab
Closed
Issue created by Maarten de Waard@maarten👼Maintainer5 of 5 checklist items completed5/5 checklist items

Improve website security settings

Totem website:

  • Enable CSP (if possible)
  • Add header Strict-Transport-Security "max-age=63072000"
  • Add header X-Content-Type-Options "nosniff"
  • Add X-Frame-Options header
  • Add header X-XSS-Protection "1; mode=block"
Edited by Maarten de Waard
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information