mirror of
https://github.com/offen/website.git
synced 2024-11-22 09:00:28 +01:00
add additional security related headers to nginx configuration
This commit is contained in:
parent
3d9470eec4
commit
d68b5c2cf7
@ -29,6 +29,9 @@ http {
|
|||||||
expires $expires;
|
expires $expires;
|
||||||
add_header Content-Security-Policy $csp;
|
add_header Content-Security-Policy $csp;
|
||||||
add_header Strict-Transport-Security 'max-age=604800; includeSubDomains';
|
add_header Strict-Transport-Security 'max-age=604800; includeSubDomains';
|
||||||
|
add_header Referrer-Policy 'origin-when-cross-origin';
|
||||||
|
add_header X-Content-Type-Options 'nosniff';
|
||||||
|
add_header X-XSS-Protection '1; mode=block';
|
||||||
|
|
||||||
location /api/ {
|
location /api/ {
|
||||||
proxy_pass http://server;
|
proxy_pass http://server;
|
||||||
|
Loading…
Reference in New Issue
Block a user