Just a suggestion: You could add some hardening to your Azure Function App template. e.g.:
host.json
{
"version": "2.0",
"extensions": {
"http": {
"routePrefix": "",
"customHeaders": {
"Permissions-Policy": "geolocation=()",
"X-Frame-Options": "SAMEORIGIN",
"Content-Security-Policy": "default-src 'self'",
"Strict-Transport-Security": "max-age=31536000; includeSubDomains",
"X-Content-Type-Options": "nosniff",
"Referrer-Policy": "no-referrer"
}
}
},
"managedDependency": {
"Enabled": false
},
"extensionBundle": {
"id": "Microsoft.Azure.Functions.ExtensionBundle",
"version": "[3.*, 4.0.0)"
}
}
Just a suggestion: You could add some hardening to your Azure Function App template. e.g.:
host.json
{
"version": "2.0",
"extensions": {
"http": {
"routePrefix": "",
"customHeaders": {
"Permissions-Policy": "geolocation=()",
"X-Frame-Options": "SAMEORIGIN",
"Content-Security-Policy": "default-src 'self'",
"Strict-Transport-Security": "max-age=31536000; includeSubDomains",
"X-Content-Type-Options": "nosniff",
"Referrer-Policy": "no-referrer"
}
}
},
"managedDependency": {
"Enabled": false
},
"extensionBundle": {
"id": "Microsoft.Azure.Functions.ExtensionBundle",
"version": "[3.*, 4.0.0)"
}
}