From b5135ce6bf1d82a549766b778e09581e06cf9e82 Mon Sep 17 00:00:00 2001
From: regalijan <r@regalijan.com>
Date: Thu, 19 Oct 2023 16:50:13 -0400
Subject: [PATCH] Add additional security headers

---
 functions/_middleware.ts | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/functions/_middleware.ts b/functions/_middleware.ts
index fcb3fd3..590e7d8 100644
--- a/functions/_middleware.ts
+++ b/functions/_middleware.ts
@@ -102,10 +102,13 @@ async function setHeaders(context: RequestContext) {
     "Wintervale",
   ];
 
+  response.headers.set("Permissions-Policy", "clipboard-write=(self), interest-cohort=()");
+  response.headers.set("Referrer-Policy", "same-origin");
   response.headers.set(
     "RTV",
     rtvValues[Math.round(Math.random() * (rtvValues.length - 1))]
   );
+  response.headers.set("X-Frame-Options", "SAMEORIGIN");
   response.headers.set("X-XSS-Protection", "1; mode=block");
 
   return response;