Skip to content

Commit 1c30de7

Browse files
committed
feat(web): add security headers to Next.js config
- X-DNS-Prefetch-Control: on - Strict-Transport-Security: HSTS with preload - X-Content-Type-Options: nosniff - X-Frame-Options: DENY - X-XSS-Protection: enabled - Referrer-Policy: strict-origin-when-cross-origin - Permissions-Policy: disable camera, microphone, geolocation
1 parent dc0bbd3 commit 1c30de7

1 file changed

Lines changed: 39 additions & 0 deletions

File tree

apps/web/next.config.ts

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,37 @@ import type { NextConfig } from "next";
33

44
const withNextIntl = createNextIntlPlugin("./src/lib/i18n/request.ts");
55

6+
const securityHeaders = [
7+
{
8+
key: "X-DNS-Prefetch-Control",
9+
value: "on",
10+
},
11+
{
12+
key: "Strict-Transport-Security",
13+
value: "max-age=63072000; includeSubDomains; preload",
14+
},
15+
{
16+
key: "X-Content-Type-Options",
17+
value: "nosniff",
18+
},
19+
{
20+
key: "X-Frame-Options",
21+
value: "DENY",
22+
},
23+
{
24+
key: "X-XSS-Protection",
25+
value: "1; mode=block",
26+
},
27+
{
28+
key: "Referrer-Policy",
29+
value: "strict-origin-when-cross-origin",
30+
},
31+
{
32+
key: "Permissions-Policy",
33+
value: "camera=(), microphone=(), geolocation=()",
34+
},
35+
];
36+
637
const nextConfig: NextConfig = {
738
reactCompiler: true,
839
images: {
@@ -11,6 +42,14 @@ const nextConfig: NextConfig = {
1142
experimental: {
1243
typedEnv: true,
1344
},
45+
async headers() {
46+
return [
47+
{
48+
source: "/(.*)",
49+
headers: securityHeaders,
50+
},
51+
];
52+
},
1453
};
1554

1655
export default withNextIntl(nextConfig);

0 commit comments

Comments
 (0)