Merge pull request #1846 from ten-protocol/jennifer/3139-add-beagle-s…

…ecurity-to-gateway fix build error
ten-protocol · Mar 20, 2024 · c6664e0 · c6664e0
2 parents fdde1b7 + 52baa00
commit c6664e0
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/tools/walletextension/frontend/src/components/head-seo.tsx b/tools/walletextension/frontend/src/components/head-seo.tsx
@@ -21,8 +21,14 @@ const HeadSeo = ({
       {/* Beagle Security */}
       <meta
         name="_vgeujvlkxz15hyr8vbuvqxnfmzlkm059"
+        // @ts-ignore
         signature="_vd3udx2g2hfn9zclob5cat43b94q7fyk"
       ></meta>
+      {/* SECURITY: to prevent the page from being loaded in an iFrame */}
+      <meta http-equiv="X-Frame-Options" content="deny"></meta>
+      {/* to indicate the browser shouldn't interpret the response as something other than the specified content type */}
+      <meta http-equiv="X-Content-Type-Options" content="nosniff"></meta>
+      {/* The Content-Security-Policy header is used to prevent a wide range of attacks, including Cross-Site Scripting (XSS) and other cross-site injections. */}
       {/* twitter metadata */}
       <meta name="twitter:card" content="summary_large_image" />
       <meta name="twitter:site" content={siteMetadata.twitterHandle} />