forked from switnet/quick-jibri-installer
Improve headers
This commit is contained in:
parent
37032e03cb
commit
e6c655a876
|
@ -186,11 +186,13 @@ server {
|
||||||
# will add the domain to a hardcoded list that is shipped
|
# will add the domain to a hardcoded list that is shipped
|
||||||
# in all major browsers and getting removed from this list
|
# in all major browsers and getting removed from this list
|
||||||
# could take several months.
|
# could take several months.
|
||||||
add_header X-Content-Type-Options nosniff;
|
add_header Referrer-Policy "no-referrer" always;
|
||||||
add_header X-XSS-Protection "1; mode=block";
|
add_header X-Content-Type-Options "nosniff" always;
|
||||||
add_header X-Robots-Tag none;
|
add_header X-Download-Options "noopen" always;
|
||||||
add_header X-Download-Options noopen;
|
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||||
add_header X-Permitted-Cross-Domain-Policies none;
|
add_header X-Permitted-Cross-Domain-Policies "none" always;
|
||||||
|
add_header X-Robots-Tag "none" always;
|
||||||
|
add_header X-XSS-Protection "1; mode=block" always;
|
||||||
|
|
||||||
# Path to the root of your installation
|
# Path to the root of your installation
|
||||||
root $NC_PATH/;
|
root $NC_PATH/;
|
||||||
|
@ -279,11 +281,13 @@ server {
|
||||||
# will add the domain to a hardcoded list that is shipped
|
# will add the domain to a hardcoded list that is shipped
|
||||||
# in all major browsers and getting removed from this list
|
# in all major browsers and getting removed from this list
|
||||||
# could take several months.
|
# could take several months.
|
||||||
add_header X-Content-Type-Options nosniff;
|
add_header Referrer-Policy "no-referrer" always;
|
||||||
add_header X-XSS-Protection "1; mode=block";
|
add_header X-Content-Type-Options "nosniff" always;
|
||||||
add_header X-Robots-Tag none;
|
add_header X-Download-Options "noopen" always;
|
||||||
add_header X-Download-Options noopen;
|
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||||
add_header X-Permitted-Cross-Domain-Policies none;
|
add_header X-Permitted-Cross-Domain-Policies "none" always;
|
||||||
|
add_header X-Robots-Tag "none" always;
|
||||||
|
add_header X-XSS-Protection "1; mode=block" always;
|
||||||
# Optional: Don't log access to assets
|
# Optional: Don't log access to assets
|
||||||
access_log off;
|
access_log off;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue