@@ -2,6 +2,8 @@
! Access-Control-Allow-Origin
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
+ X-Frame-Options: SAMEORIGIN
+ Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
/version
Michael Telatynski