mirror of
				https://github.com/spantaleev/matrix-docker-ansible-deploy.git
				synced 2025-10-25 01:23:24 +00:00 
			
		
		
		
	Nginx element web: XSS protection & nosniff header
X-XSS-Protection: 1; mode=block; header, for basic XSS protection in legacy browsers. X-Content-Type-Options: nosniff header, to disable MIME sniffing
This commit is contained in:
		| @@ -6,6 +6,8 @@ | ||||
| 	add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; | ||||
| 	add_header X-Content-Type-Options nosniff; | ||||
| 	add_header X-Frame-Options SAMEORIGIN; | ||||
| 	add_header X-XSS-Protection "1; mode=block"; | ||||
| 	add_header Content-Security-Policy "frame-ancestors 'none'"; | ||||
| 	{% for configuration_block in matrix_nginx_proxy_proxy_element_additional_server_configuration_blocks %} | ||||
| 		{{- configuration_block }} | ||||
| 	{% endfor %} | ||||
|   | ||||
		Reference in New Issue
	
	Block a user