Skip to content

Commit

Permalink
More header fixes
Browse files Browse the repository at this point in the history
  • Loading branch information
@ingalls
ingalls committed Sep 10, 2024
1 parent 4bb3732 commit 2044a7d
Showing 1 changed file with 6 additions and 6 deletions.
12 changes: 6 additions & 6 deletions api/nginx.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,12 +25,12 @@ http {

server_tokens off;

add_header 'X-Content-Type-Options' 'nosniff'; always;
add_header 'X-Frame-Options' 'DENY always'; always;
add_header 'Referrer-Policy' 'strict-origin-when-cross-origin'; always;
add_header 'Strict-Transport-Security' 'max-age=31536000; includeSubDomains; preload'; always;
add_header 'Permissions-Policy' 'fullscreen=(self), geolocation=(self), clipboard-read=(self), clipboard-write=(self)'; always;
add_header 'Content-Security-Policy' "default-src 'self'; upgrade-insecure-requests;"; always;
add_header 'X-Content-Type-Options' 'nosniff' always;
add_header 'X-Frame-Options' 'DENY' always;
add_header 'Referrer-Policy' 'strict-origin-when-cross-origin' always;
add_header 'Strict-Transport-Security' 'max-age=31536000; includeSubDomains; preload' always;
add_header 'Permissions-Policy' 'fullscreen=(self), geolocation=(self), clipboard-read=(self), clipboard-write=(self)' always;
add_header 'Content-Security-Policy' "default-src 'self'; upgrade-insecure-requests;" always;

location / {
if ($request_uri ~ ^/(.*)\.html) {
Expand Down

0 comments on commit 2044a7d

Please sign in to comment.