added security headers for more safety

shopsys · Mar 14, 2024 · 53592fd · 53592fd
2 parents 32ee1b6 + ddd133e
commit 53592fd
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 0 deletions.
diff --git a/UPGRADE.md b/UPGRADE.md
@@ -10,6 +10,10 @@
 2. Run `composer update shopsys/deployment`
 3. Check files in mentioned pull requests and if you have any of them extended in your project, apply changes manually
 
+## Upgrade from v2.1.2 to v2.1.3
+
+- added security headers for more safety ([#10](https://github.com/shopsys/deployment/pull/10))
+
 ## Upgrade from v2.1.1 to v2.1.2
 
 - update your `deploy-project.sh` to properly deploy consumer manifests ([#9](https://github.com/shopsys/deployment/pull/9/files))

diff --git a/kubernetes/configmap/nginx.yaml b/kubernetes/configmap/nginx.yaml
@@ -79,6 +79,8 @@ data:
             add_header Access-Control-Allow-Origin "*" always;
             add_header Access-Control-Allow-Credentials "false" always;
             add_header VSHCDN-WEBP-QUALITY 90;
+            add_header X-Frame-Options "SAMEORIGIN";
+            add_header X-Content-Type-Options "nosniff";
 
             set $request_host $http_host;
             if ($http_originalhost) {