From aa6461df2e47c1b4bfecebf518e599537d0fb8e8 Mon Sep 17 00:00:00 2001
From: Simon Hyll <hyllsimon@gmail.com>
Date: Tue, 21 May 2024 04:41:25 +0200
Subject: [PATCH] feat: adding security headers to improve observatory score

---
 astro.config.mjs | 2 +-
 public/_headers  | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 public/_headers

diff --git a/astro.config.mjs b/astro.config.mjs
index fc28800b6..3aa1b7ffe 100644
--- a/astro.config.mjs
+++ b/astro.config.mjs
@@ -257,7 +257,7 @@ export default defineConfig({
 				clientsClaim: true,
 				inlineWorkboxRuntime: true,
 				skipWaiting: true,
-				globIgnores: ["**_redirects**"],
+				globIgnores: ["**_redirects**", "**_headers**"],
 				globPatterns: ["**/*.js", "**/*.css"],
 				runtimeCaching: [{
 					urlPattern: new RegExp('.*'),
diff --git a/public/_headers b/public/_headers
new file mode 100644
index 000000000..284c19622
--- /dev/null
+++ b/public/_headers
@@ -0,0 +1,5 @@
+/*
+  X-Frame-Options: DENY
+  X-XSS-Protection: 1; mode=block
+  X-Content-Type-Options: nosniff
+  Content-Security-Policy: default-src 'self';