Skip to content

Instantly share code, notes, and snippets.

Avatar

René Milzarek neotreat

  • Crashtest Security GmbH
View GitHub Profile
@neotreat
neotreat / meta-csp.html
Created Sep 12, 2017
A basic example for a Content-Security-Policy using a meta-tag.
View meta-csp.html
<!doctype html>
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="default-src 'none';">
</head>
<body>
...
</body>
</html>
@neotreat
neotreat / http-security-headers-lambda-cloudfront.js
Last active Aug 28, 2018
Add HTTP Security Headers to Cloudfront with Lambda@Edge.
View http-security-headers-lambda-cloudfront.js
'use strict';
exports.handler = (event, context, callback) => {
const response = event.Records[0].cf.response;
const headers = response.headers;
// Add security headers
const securityHeaders = [
[{
You can’t perform that action at this time.