v1.0.4: Security hardening - rate limiting, middleware, HSTS, password strength, anti-enumeration

2026-02-21 18:55:10 +01:00
parent b75bf9bb30
commit 8ef2cbe68e
15 changed files with 289 additions and 14 deletions
--- a/next.config.js
+++ b/next.config.js
@@ -31,6 +31,18 @@ const nextConfig = {
            key: 'Cross-Origin-Opener-Policy',
            value: 'same-origin',
          },
+          {
+            key: 'Strict-Transport-Security',
+            value: 'max-age=63072000; includeSubDomains; preload',
+          },
+          {
+            key: 'X-DNS-Prefetch-Control',
+            value: 'on',
+          },
+          {
+            key: 'X-XSS-Protection',
+            value: '1; mode=block',
+          },
          {
            key: 'Content-Security-Policy',
            value: [