Skip to content
This repository was archived by the owner on Jan 2, 2026. It is now read-only.

Commit 6f8e27b

Browse files
onemeeeonemeee
authored
🛠️ 취약점 처리 - 누락된 헤더 추가 (#408)
1 parent 53f5183 commit 6f8e27b

File tree

1 file changed

+4
-0
lines changed

1 file changed

+4
-0
lines changed

middleware.ts

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,12 +44,16 @@ export default async function middleware(request: NextRequest) {
4444
if (userState !== 'logout') {
4545
requestHeaders.set('x-nonce', nonce);
4646
requestHeaders.set('Content-Security-Policy', cspHeader);
47+
requestHeaders.set('X-Frame-Options', 'SAMEORIGIN');
48+
requestHeaders.set('X-XSS-Protection', '1; mode=block');
4749
}
4850
const req = new NextRequest(request, { headers: requestHeaders });
4951

5052
const res = handleI18nRouting(req);
5153
if (userState === 'logout') {
5254
res.headers.set('Content-Security-Policy', cspHeader);
55+
res.headers.set('X-Frame-Options', 'SAMEORIGIN');
56+
res.headers.set('X-XSS-Protection', '1; mode=block');
5357
}
5458

5559
return res;

0 commit comments

Comments
 (0)