Spaces:
Running
Running
headers
Browse files- middleware.ts +8 -0
middleware.ts
CHANGED
|
@@ -8,6 +8,14 @@ export function middleware(request: NextRequest) {
|
|
| 8 |
// Create response with headers
|
| 9 |
const response = NextResponse.next({ headers });
|
| 10 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 11 |
// Add cache control for better performance
|
| 12 |
if (request.nextUrl.pathname.startsWith('/_next/static')) {
|
| 13 |
response.headers.set('Cache-Control', 'public, max-age=31536000, immutable');
|
|
|
|
| 8 |
// Create response with headers
|
| 9 |
const response = NextResponse.next({ headers });
|
| 10 |
|
| 11 |
+
// Add SEO and security headers
|
| 12 |
+
// Only set X-Frame-Options for non-HF spaces domains
|
| 13 |
+
if (!request.nextUrl.host.includes('hf.space')) {
|
| 14 |
+
response.headers.set('X-Frame-Options', 'SAMEORIGIN');
|
| 15 |
+
}
|
| 16 |
+
response.headers.set('X-Content-Type-Options', 'nosniff');
|
| 17 |
+
response.headers.set('Referrer-Policy', 'strict-origin-when-cross-origin');
|
| 18 |
+
|
| 19 |
// Add cache control for better performance
|
| 20 |
if (request.nextUrl.pathname.startsWith('/_next/static')) {
|
| 21 |
response.headers.set('Cache-Control', 'public, max-age=31536000, immutable');
|