chore: root commit of OWSAP security testing/tightening

2026-03-01 20:46:47 -06:00
parent 1645896e54
commit 079b8b9492
25 changed files with 1131 additions and 107 deletions
--- a/Caddyfile.prod
+++ b/Caddyfile.prod
@@ -11,6 +11,8 @@ skymoneybudget.com {
    Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
    X-Content-Type-Options "nosniff"
    X-Frame-Options "DENY"
+    Content-Security-Policy "frame-ancestors 'none'"
+    Referrer-Policy "strict-origin-when-cross-origin"
  }

  # Serve static SPA