Closed
Description
Same as phoenix behaviour. https://github.com/phoenixframework/phoenix/blob/d02621e106a9420167e7152f88f0cc4ab57a7785/lib/phoenix/controller.ex#L975-L990
Note the headers are simply default values
use Raxx.SecureBrowserHeaders
# OR
use Raxx.DefaultHeaders [
{"x-frame-options", "SAMEORIGIN"},
{"x-xss-protection", "1; mode=block"},
{"x-content-type-options", "nosniff"}
]QUESTION: should this live as it's own package or part of a Raxx.Browser pack?