From 7d61dedc92742757f312732072c8213af944773c Mon Sep 17 00:00:00 2001
From: cupcakearmy
Date: Mon, 19 Aug 2019 13:16:55 +0200
Subject: [PATCH] add security headers
---
 liquet/functions.php | 11 +++++++++++
 1 file changed, 11 insertions(+)
diff --git a/liquet/functions.php b/liquet/functions.php
index b9421b1..c1cf904 100644
--- a/liquet/functions.php
+++ b/liquet/functions.php
@@ -6,6 +6,17 @@
 add_theme_support( 'align-wide' );
 add_theme_support( 'title-tag' );
 add_theme_support( 'post-thumbnails' );
+
+add_filter( 'wp_headers', function ( $headers ) {
+ $headers['Content-Security-Policy'] = "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; report-uri csp@nicco.io";
+ $headers['X-Content-Type-Options'] = 'nosniff';
+ $headers['X-Frame-Options'] = "deny";
+ $headers['Strict-Transport-Security'] = "max-age=31536000";
+ $headers['Referrer-Policy'] = "origin";
+
+ return $headers;
+} );
+
 add_action( 'wp_enqueue_scripts', function () {
 // JS
 wp_enqueue_script( 'liquet-lights', get_template_directory_uri() . '/js/lights.js' );
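Review bot: The `report-uri csp@nicco.io` token at the end of the Content-Security-Policy value is an e-mail address, but `report-uri` takes a URL that the browser POSTs violation reports to. A bare `csp@nicco.io` would most likely be resolved as a path relative to the page, so reports would never reach anyone and policy violations would go unnoticed. Point it at an HTTPS collector instead, e.g. `report-uri https://<csp-report-endpoint>/` (placeholder, not a real endpoint). Separately, `script-src 'self' 'unsafe-inline'` still permits any inline script, so the policy does little against injected markup; if the theme's inline scripts can be moved to files or covered by nonces or hashes, drop `'unsafe-inline'` from `script-src`. `Referrer-Policy: origin` also sends the origin on HTTPS-to-HTTP navigations, which `strict-origin` avoids.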