Verified Commit 3f6a9f01 authored by Jelle van der Waa's avatar Jelle van der Waa 🚧
Browse files

Configure mediawiki's security headers

Mediawiki allows the configuration of Referrer policy, which is set to
the same value as archlinux.org, retaining the referrer for https://
links as they might be beneficial as promotion. Set the X-Frame-Options
header to deny framing.
parent a35a5302
Pipeline #4814 passed with stage
in 44 seconds
......@@ -57,3 +57,7 @@ $wgMainCacheType = CACHE_MEMCACHED;
$wgParserCacheType = CACHE_MEMCACHED;
$wgMessageCacheType = CACHE_MEMCACHED;
$wgMemCachedServers = [ "unix://{{ archwiki_memcached_socket }}:0" ];
# security headers
$wgReferrerPolicy = ["no-referrer-when-downgrade"];
$wgEditPageFrameOptions = "DENY";
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment