From da02e23eee2216a601602dfb68deecca5b529dde Mon Sep 17 00:00:00 2001 From: Jennifer Echenim Date: Wed, 20 Mar 2024 16:26:36 +0400 Subject: [PATCH 1/2] Add security headers --- tools/walletextension/frontend/src/components/head-seo.tsx | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tools/walletextension/frontend/src/components/head-seo.tsx b/tools/walletextension/frontend/src/components/head-seo.tsx index b8fc555880..26a475374a 100644 --- a/tools/walletextension/frontend/src/components/head-seo.tsx +++ b/tools/walletextension/frontend/src/components/head-seo.tsx @@ -24,6 +24,11 @@ const HeadSeo = ({ // @ts-ignore signature="_vd3udx2g2hfn9zclob5cat43b94q7fyk" > + {/* SECURITY: to prevent the page from being loaded in an iFrame */} + + {/* to indicate the browser shouldn't interpret the response as something other than the specified content type */} + + {/* The Content-Security-Policy header is used to prevent a wide range of attacks, including Cross-Site Scripting (XSS) and other cross-site injections. */} {/* twitter metadata */} From f48782d4c9da91bc2332654ae3e16cd60377823f Mon Sep 17 00:00:00 2001 From: Jennifer Echenim Date: Wed, 20 Mar 2024 16:27:19 +0400 Subject: [PATCH 2/2] rm log --- tools/walletextension/frontend/src/components/head-seo.tsx | 1 - 1 file changed, 1 deletion(-) diff --git a/tools/walletextension/frontend/src/components/head-seo.tsx b/tools/walletextension/frontend/src/components/head-seo.tsx index 26a475374a..18c35efc1a 100644 --- a/tools/walletextension/frontend/src/components/head-seo.tsx +++ b/tools/walletextension/frontend/src/components/head-seo.tsx @@ -28,7 +28,6 @@ const HeadSeo = ({ {/* to indicate the browser shouldn't interpret the response as something other than the specified content type */} - {/* The Content-Security-Policy header is used to prevent a wide range of attacks, including Cross-Site Scripting (XSS) and other cross-site injections. */} {/* twitter metadata */}