2
0
mirror of https://github.com/offen/website.git synced 2024-11-22 17:10:29 +01:00

Merge pull request #129 from offen/security-headers

Add additional security related headers to nginx configuration
This commit is contained in:
Frederik Ring 2019-09-26 16:58:03 +02:00 committed by GitHub
commit 7fb75b73d5

View File

@ -29,6 +29,9 @@ http {
expires $expires; expires $expires;
add_header Content-Security-Policy $csp; add_header Content-Security-Policy $csp;
add_header Strict-Transport-Security 'max-age=604800; includeSubDomains'; add_header Strict-Transport-Security 'max-age=604800; includeSubDomains';
add_header Referrer-Policy 'origin-when-cross-origin';
add_header X-Content-Type-Options 'nosniff';
add_header X-XSS-Protection '1; mode=block';
location /api/ { location /api/ {
proxy_pass http://server; proxy_pass http://server;