From 1924918580cc9d8dd9632173c0df870bd45fa213 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kasper=20Rynning-T=C3=B8nnesen?=
 <kasper.rynning-tonnesen@knowit.no>
Date: Tue, 28 Jan 2020 16:29:54 +0100
Subject: [PATCH] More security things

---
 server.js | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/server.js b/server.js
index 3736c11..11befa5 100644
--- a/server.js
+++ b/server.js
@@ -31,12 +31,9 @@ app.use(
     }
   })
 );
-app.use(
-  helmet({
-    frameguard: false
-  })
-);
-app.use(referrerPolicy({ policy: "origin-when-cross-origin" }));
+app.use(helmet());
+app.use(helmet.frameguard({ action: "sameorigin" }));
+app.use(referrerPolicy({ policy: "origin" }));
 
 app.use(cors());
 mongoose.promise = global.Promise;