Skip to content

Instantly share code, notes, and snippets.

View neotreat's full-sized avatar

René Milzarek neotreat

  • Crashtest Security GmbH
View GitHub Profile
@neotreat
neotreat / meta-csp.html
Created September 12, 2017 10:00
A basic example for a Content-Security-Policy using a meta-tag.
<!doctype html>
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="default-src 'none';">
</head>
<body>
...
</body>
</html>
@neotreat
neotreat / http-security-headers-lambda-cloudfront.js
Last active August 28, 2018 22:58
Add HTTP Security Headers to Cloudfront with Lambda@Edge.
'use strict';
exports.handler = (event, context, callback) => {
const response = event.Records[0].cf.response;
const headers = response.headers;
// Add security headers
const securityHeaders = [
[{