offen/website
2
0
Fork 0
mirror of https://github.com/offen/website.git synced 2024-11-22 09:00:28 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #129 from offen/security-headers

Browse Source 
Add additional security related headers to nginx configuration
This commit is contained in:
Frederik Ring 2019-09-26 16:58:03 +02:00 committed by GitHub
commit 7fb75b73d5
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
build/proxy/nginx.conf
View File

@ -29,6 +29,9 @@ http {
expires $expires; expires $expires;
add_header Content-Security-Policy $csp; add_header Content-Security-Policy $csp;
add_header Strict-Transport-Security 'max-age=604800; includeSubDomains'; add_header Strict-Transport-Security 'max-age=604800; includeSubDomains';
add_header Referrer-Policy 'origin-when-cross-origin';
add_header X-Content-Type-Options 'nosniff';
add_header X-XSS-Protection '1; mode=block';
location /api/ { location /api/ {
proxy_pass http://server; proxy_pass http://server;