From c296e26b6cdccece00353af18c8d2b82a6eab3a4 Mon Sep 17 00:00:00 2001
From: cesnimda
Date: Sun, 22 Mar 2026 14:08:17 +0100
Subject: [PATCH] fix: add baseline browser security headers for api and nginx
---
 JobTrackerApi/Program.cs | 6 ------
 job-tracker-ui/nginx.conf | 5 +++++
 2 files changed, 5 insertions(+), 6 deletions(-)
diff --git a/JobTrackerApi/Program.cs b/JobTrackerApi/Program.cs
index 6e324d3..044c4c0 100644
--- a/JobTrackerApi/Program.cs
+++ b/JobTrackerApi/Program.cs
@@ -462,12 +462,6 @@ CREATE TABLE IF NOT EXISTS "AspNetUserTokens" (
 EnsureColumn(conn, "AspNetUsers", "GoogleSubject", "ALTER TABLE AspNetUsers ADD COLUMN GoogleSubject TEXT NULL;");
 EnsureColumn(conn, "AspNetUsers", "GoogleEmail", "ALTER TABLE AspNetUsers ADD COLUMN GoogleEmail TEXT NULL;");
 EnsureColumn(conn, "AspNetUsers", "GoogleLinkedAt", "ALTER TABLE AspNetUsers ADD COLUMN GoogleLinkedAt TEXT NULL;");
- EnsureColumn(conn, "AspNetUsers", "FirstName", "ALTER TABLE AspNetUsers ADD COLUMN FirstName TEXT NULL;");
- EnsureColumn(conn, "AspNetUsers", "LastName", "ALTER TABLE AspNetUsers ADD COLUMN LastName TEXT NULL;");
- EnsureColumn(conn, "AspNetUsers", "DisplayName", "ALTER TABLE AspNetUsers ADD COLUMN DisplayName TEXT NULL;");
- EnsureColumn(conn, "AspNetUsers", "GoogleSubject", "ALTER TABLE AspNetUsers ADD COLUMN GoogleSubject TEXT NULL;");
- EnsureColumn(conn, "AspNetUsers", "GoogleEmail", "ALTER TABLE AspNetUsers ADD COLUMN GoogleEmail TEXT NULL;");
- EnsureColumn(conn, "AspNetUsers", "GoogleLinkedAt", "ALTER TABLE AspNetUsers ADD COLUMN GoogleLinkedAt TEXT NULL;");
 static void EnsureUserRuleSettingsTable(DbConnection c) {
diff --git a/job-tracker-ui/nginx.conf b/job-tracker-ui/nginx.conf
index 05c4d99..f3a09ae 100644
--- a/job-tracker-ui/nginx.conf
+++ b/job-tracker-ui/nginx.conf
@@ -2,6 +2,11 @@ server { listen 80; server_name _; + add_header X-Content-Type-Options "nosniff" always; + add_header X-Frame-Options "DENY" always; + add_header Referrer-Policy "strict-origin-when-cross-origin" always; + add_header Permissions-Policy "camera=(), microphone=(), geolocation=()" always; + root /usr/share/nginx/html; index index.html;
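Review bot: The four `add_header` lines sit at `server` level, and nginx inherits `add_header` into a `location` only when that location declares none of its own, so any location further down this file that sets a header (a cache header on static assets, for instance) would serve responses without them. The rest of the `server` block is outside the hunk, so this needs checking against the full file; moving the four lines into a snippet pulled in with `include` wherever headers are set keeps them consistent. A comment above them would record the trap: `# add_header is not merged across levels: a location with its own add_header drops these`. The baseline also has no `Content-Security-Policy`; `add_header Content-Security-Policy "frame-ancestors 'none'" always;` would be the current counterpart to `X-Frame-Options "DENY"`.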