Stable branch #2

Merged
Ark74 merged 34 commits from stable-branch into master 2020-04-11 19:22:27 +00:00
1 changed files with 14 additions and 10 deletions
Showing only changes of commit e6c655a876 - Show all commits

View File

@ -186,11 +186,13 @@ server {
# will add the domain to a hardcoded list that is shipped # will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list # in all major browsers and getting removed from this list
# could take several months. # could take several months.
add_header X-Content-Type-Options nosniff; add_header Referrer-Policy "no-referrer" always;
add_header X-XSS-Protection "1; mode=block"; add_header X-Content-Type-Options "nosniff" always;
add_header X-Robots-Tag none; add_header X-Download-Options "noopen" always;
add_header X-Download-Options noopen; add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies none; add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Path to the root of your installation # Path to the root of your installation
root $NC_PATH/; root $NC_PATH/;
@ -279,11 +281,13 @@ server {
# will add the domain to a hardcoded list that is shipped # will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list # in all major browsers and getting removed from this list
# could take several months. # could take several months.
add_header X-Content-Type-Options nosniff; add_header Referrer-Policy "no-referrer" always;
add_header X-XSS-Protection "1; mode=block"; add_header X-Content-Type-Options "nosniff" always;
add_header X-Robots-Tag none; add_header X-Download-Options "noopen" always;
add_header X-Download-Options noopen; add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies none; add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Optional: Don't log access to assets # Optional: Don't log access to assets
access_log off; access_log off;
} }