forked from Chaospott/site
Security headers™
This commit is contained in:
parent
52545a460b
commit
103af8b4bb
@ -1,4 +1,9 @@
|
||||
server_tokens off;
|
||||
add_header Last-Modified '27 Feb 1984 13:37 GMT' always;
|
||||
add_header X-Powered-By 'tux' always;
|
||||
add_header Access-Control-Allow-Origin 'https://cloud.chaospott.ru';
|
||||
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' https://cloud.chaospott.ru https://status.chaospott.de https://www.openstreetmap.org";
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header Referrer-Policy "no-referrer";
|
||||
add_header Feature-Policy "microphone 'none'; payment 'none'; sync-xhr 'self' https://chaospott.de/";
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
add_header X-Content-Type-Options "nosniff";
|
||||
|
Loading…
Reference in New Issue
Block a user