schemaVersion: "1.0"
pattern:
  id: "0d3511bed6798a78cc3237f6"
  className: "ch.nevis.admin.v4.plugin.nevisproxy.patterns.SecurityResponseHeaders"
  name: "Base Security Response Headers"
  label: "PROXY"
  notes: "The security response headers, which are environment independent and/or\
    \ static"
  properties:
    responseHeaders:
    - Strict-Transport-Security: "max-age=63072000; includeSubDomains;"
    - X-Content-Type-Options: "nosniff"
    - Referrer-Policy: "strict-origin-when-cross-origin"
    - X-Frame-Options: "DENY"
    - Cross-Origin-Opener-Policy: "same-origin"
    - Cross-Origin-Embedder-Policy: "require-corp"
    - Cross-Origin-Resource-Policy: "same-site"
    - Permissions-Policy: "geolocation=(), camera=(), microphone=(), interest-cohort=()"