1
0
Fork 0

Compare commits

...

2 Commits

Author SHA1 Message Date
Daniele Tricoli 660c630672 Sort headers 2021-02-13 04:00:40 +01:00
Daniele Tricoli 17bbcbabf6 Add Permissions-Policy header 2021-02-13 03:55:01 +01:00
1 changed files with 4 additions and 3 deletions

View File

@ -25,11 +25,12 @@ server {
listen 443 ssl;
listen [::]:443 ssl;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header Content-Security-Policy "default-src https: data: 'unsafe-inline' 'unsafe-eval'" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Permissions-Policy "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), notifications=(), payment=(), usb=()" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
{% if item.ssl_certificate is defined %}ssl_certificate {{ item.ssl_certificate }};{% endif %}