offen/website
2
0
Fork 0
mirror of https://github.com/offen/website.git synced 2024-11-22 09:00:28 +01:00
Code Issues Projects Releases Wiki Activity

strip app level headers in nginx

Browse Source
This commit is contained in:
Frederik Ring 2019-10-17 15:16:56 +02:00
parent 69f6458674
commit 68bc2db5f1
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
build/nginx.conf
View File

@ -28,10 +28,15 @@ http {
autoindex on; autoindex on;
root /www/data; root /www/data;
expires $expires; expires $expires;
proxy_hide_header Content-Security-Policy;
add_header Content-Security-Policy $csp; add_header Content-Security-Policy $csp;
proxy_hide_header Strict-Transport-Security;
add_header Strict-Transport-Security 'max-age=604800; includeSubDomains'; add_header Strict-Transport-Security 'max-age=604800; includeSubDomains';
proxy_hide_header Referrer-Policy;
add_header Referrer-Policy 'origin-when-cross-origin'; add_header Referrer-Policy 'origin-when-cross-origin';
proxy_hide_header X-Content-Type-Options;
add_header X-Content-Type-Options 'nosniff'; add_header X-Content-Type-Options 'nosniff';
proxy_hide_header X-XSS-Protection;
add_header X-XSS-Protection '1; mode=block'; add_header X-XSS-Protection '1; mode=block';
location /api/ { location /api/ {