mastodon-glitch/config/initializers/secureheaders.rb

11 lines
192 B
Ruby

SecureHeaders::Configuration.default do |config|
config.cookies = {
secure: true,
httponly: true,
samesite: {
lax: true
}
}
config.csp = SecureHeaders::OPT_OUT
end