From d92357cf8260f0ef5b8a39cfbad05424724f9e74 Mon Sep 17 00:00:00 2001
From: Abdullah Atta <abdullahatta@streetwriters.co>
Date: Thu, 20 Oct 2022 14:04:45 +0500
Subject: [PATCH] web: add web app security headers for cloudflare pages

---
 apps/web/public/_headers | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 apps/web/public/_headers

diff --git a/apps/web/public/_headers b/apps/web/public/_headers
new file mode 100644
index 000000000..c187f4e07
--- /dev/null
+++ b/apps/web/public/_headers
@@ -0,0 +1,6 @@
+/*
+  X-Frame-Options: DENY
+  X-Content-Type-Options: nosniff
+  Referrer-Policy: no-referrer
+  Permissions-Policy: document-domain=()
+  Content-Security-Policy: script-src 'self' 'nonce-7WIq8hRwApoXhctoGZZthMLYQLRNiprTwcPi6Azdf' 'unsafe-eval'; frame-ancestors 'none';
\ No newline at end of file