Chaospott/site-deploy
43
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Security headers™

Browse Source
This commit is contained in:
Bandie
2020-04-26 17:35:24 +02:00
parent 52545a460b
commit 103af8b4bb
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
nginx/conf.d/headers.conf
View File

@@ -1,4 +1,9 @@
server_tokens off;
add_header Last-Modified '27 Feb 1984 13:37 GMT' always;
add_header X-Powered-By 'tux' always;
add_header Access-Control-Allow-Origin 'https://cloud.chaospott.ru';
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' https://cloud.chaospott.ru https://status.chaospott.de https://www.openstreetmap.org";
add_header X-XSS-Protection "1; mode=block";
add_header Referrer-Policy "no-referrer";
add_header Feature-Policy "microphone 'none'; payment 'none'; sync-xhr 'self' https://chaospott.de/";
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";