Merge pull request #2295 from searx/default-http-headers

[enh] add default http headers - closes #715
author: Noémi Ványi <kvch@users.noreply.github.com> 2020-11-08 17:05:16 +0100
committer: GitHub <noreply@github.com> 2020-11-08 17:05:16 +0100
commit: aa6eaf603ff9b403dcc32adadbb1e75445f0348c (patch)
tree: 938ca4d6524a4395b4b0a02ca913d42e4c2c961d /searx/settings.yml
parent: c03e4c86bc49d6ef4664c038066d9f1c16e7dafc (diff)
parent: 063260d090d175f010f42270664d476bb8039801 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/searx/settings.yml b/searx/settings.yml
index 54352bbfc..5cab0a102 100644
--- a/searx/settings.yml
+++ b/searx/settings.yml
@@ -17,6 +17,12 @@ server:
     image_proxy : False # Proxying image results through searx
     http_protocol_version : "1.0"  # 1.0 and 1.1 are supported
     method: "POST" # POST queries are more secure as they don't show up in history but may cause problems when using Firefox containers
+    default_http_headers:
+        X-Content-Type-Options : nosniff
+        X-XSS-Protection : 1; mode=block
+        X-Download-Options : noopen
+        X-Robots-Tag : noindex, nofollow
+        Referrer-Policy : no-referrer
 
 ui:
     static_path : "" # Custom static path - leave it blank if you didn't change
author	Noémi Ványi <kvch@users.noreply.github.com>	2020-11-08 17:05:16 +0100
committer	GitHub <noreply@github.com>	2020-11-08 17:05:16 +0100
commit	aa6eaf603ff9b403dcc32adadbb1e75445f0348c (patch)
tree	938ca4d6524a4395b4b0a02ca913d42e4c2c961d /searx/settings.yml
parent	c03e4c86bc49d6ef4664c038066d9f1c16e7dafc (diff)
parent	063260d090d175f010f42270664d476bb8039801 (diff)