From 68a2a11ac4f5e0439daa318276d15e19ae4810eb Mon Sep 17 00:00:00 2001
From: Benjamin Cabanes <3447705+bcabanes@users.noreply.github.com>
Date: Thu, 21 Jul 2022 13:54:28 -0400
Subject: [PATCH] docs(nxdev): add security headers (#11240)

---
 nx-dev/nx-dev/next.config.js | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/nx-dev/nx-dev/next.config.js b/nx-dev/nx-dev/next.config.js
index 64dc0d7615..3e46cb3822 100644
--- a/nx-dev/nx-dev/next.config.js
+++ b/nx-dev/nx-dev/next.config.js
@@ -21,6 +21,24 @@ module.exports = withNx({
   env: {
     VERCEL: process.env.VERCEL,
   },
+  async headers() {
+    return [
+      {
+        source: '/:path*',
+        headers: [
+          { key: 'X-DNS-Prefetch-Control', value: 'on' },
+          {
+            key: 'Strict-Transport-Security',
+            value: 'max-age=63072000; includeSubDomains; preload',
+          },
+          { key: 'X-XSS-Protection', value: '1; mode=block' },
+          { key: 'X-Content-Type-Options', value: 'nosniff' },
+          { key: 'X-Frame-Options', value: 'DENY' },
+          { key: 'Referrer-Policy', value: 'no-referrer' },
+        ],
+      },
+    ];
+  },
   async redirects() {
     const rules = [];