parent
e6586f2ad2
commit
2a0120de8b
|
@ -11,6 +11,10 @@ ssi_types application/x-javascript application/javascript;
|
||||||
index index.html index.htm;
|
index index.html index.htm;
|
||||||
error_page 404 /static/404.html;
|
error_page 404 /static/404.html;
|
||||||
|
|
||||||
|
# Security headers
|
||||||
|
add_header X-Content-Type-Options nosniff;
|
||||||
|
add_header X-XSS-Protection "1; mode=block";
|
||||||
|
|
||||||
location = /config.js {
|
location = /config.js {
|
||||||
alias /config/config.js;
|
alias /config/config.js;
|
||||||
}
|
}
|
||||||
|
|
|
@ -20,5 +20,3 @@ ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-
|
||||||
|
|
||||||
# headers
|
# headers
|
||||||
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
|
||||||
add_header X-Content-Type-Options nosniff;
|
|
||||||
add_header X-XSS-Protection "1; mode=block";
|
|
||||||
|
|
Loading…
Reference in New Issue