File tree 1 file changed +12
-4
lines changed
1 file changed +12
-4
lines changed Original file line number Diff line number Diff line change @@ -52,16 +52,19 @@ TraceEnable Off
5252# If you use version control systems in your document root, you should
5353# probably deny access to their directories. For example, for subversion:
5454#
55- #<DirectoryMatch "/\.svn">
56- # Require all denied
57- #</DirectoryMatch>
55+ <DirectoryMatch "/\.svn" >
56+ Require all denied
57+ </DirectoryMatch >
58+ <DirectoryMatch "/\.git" >
59+ Require all denied
60+ </DirectoryMatch >
5861
5962#
6063# Setting this header will prevent MSIE from interpreting files as something
6164# else than declared by the content type in the HTTP headers.
6265# Requires mod_headers to be enabled.
6366#
64- # Header set X-Content-Type-Options: "nosniff"
67+ Header set X-Content-Type-Options : "nosniff"
6568
6669#
6770# Setting this header will prevent other sites from embedding pages from this
@@ -70,5 +73,10 @@ TraceEnable Off
7073#
7174#Header set X-Frame-Options: "sameorigin"
7275
76+ # Adding X-XSS-Protection per recommendation of MDN
77+ Header set X-XSS-Protection: "1 ; mode=block"
78+
79+ # Adding CSP, still need unsafe-inline for now gitweb timezone handling
80+ Header set Content-Security-Policy: "default-src 'self' 'unsafe-inline'"
7381
7482# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
You can’t perform that action at this time.
0 commit comments