Add X-Content-Type-Options header
This commit is contained in:
parent
566feeefb0
commit
47bd755709
|
@ -28,6 +28,7 @@ server {
|
|||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||
add_header Content-Security-Policy "default-src https: data: 'unsafe-inline' 'unsafe-eval'" always;
|
||||
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||
add_header X-Content-Type-Options "nosniff" always;
|
||||
|
||||
{% if item.ssl_certificate is defined %}ssl_certificate {{ item.ssl_certificate }};{% endif %}
|
||||
|
||||
|
|
Loading…
Reference in New Issue