-rw-r--r-- | server.go | 2 |
1 files changed, 2 insertions, 0 deletions
@@ -305,6 +305,8 @@ func New(e *echo.Echo, options *Options) (*Server, error) {
 // `style-src 'unsafe-inline'` is required for e-mails with
 // embedded stylesheets
 ectx.Response().Header().Set("Content-Security-Policy", "default-src 'self'; style-src 'self' 'unsafe-inline'")
+ // DNS prefetching has privacy implications
+ ectx.Response().Header().Set("X-DNS-Prefetch-Control", "off")
 return next(ectx)
 }
 }) |
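Review bot: The comment added above the `X-DNS-Prefetch-Control` line says only that prefetching "has privacy implications", which does not tell a maintainer what is being protected. Judging by the CSP comment just above, this server renders e-mail HTML, so the concern is presumably that the browser resolves link hostnames from a displayed message before any click, disclosing to the resolver and to whoever runs the domain's DNS that the message was opened. I would say so directly, e.g. `// Disable DNS prefetching: hostnames linked in a displayed e-mail would otherwise be resolved without a click`. The header is non-standard and not honoured by every browser, so the comment should also call it a best-effort hint rather than a guarantee. The middleware closure inside New starts and ends outside the hunk, so whether every response path passes through it cannot be confirmed from here.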