From 8fbc519b18b0e93b850307e38261b7dc869ff792 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gon=C3=A7alo=20Val=C3=A9rio?= <gon@ovalerio.net>
Date: Thu, 28 Mar 2019 22:43:43 +0000
Subject: [PATCH] added some security headers to the settings

---
 webhook_logger/settings.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/webhook_logger/settings.py b/webhook_logger/settings.py
index f036d68..81b713d 100644
--- a/webhook_logger/settings.py
+++ b/webhook_logger/settings.py
@@ -98,6 +98,12 @@ if not DEBUG:
     STATICFILES_STORAGE = "whitenoise.storage.CompressedManifestStaticFilesStorage"
 
 
+# Security Headers
+
+SECURE_BROWSER_XSS_FILTER = True
+SECURE_CONTENT_TYPE_NOSNIFF = True
+X_FRAME_OPTIONS = "DENY"
+
 # Django Channels
 
 ASGI_APPLICATION = "webhook_logger.routing.application"