diff options
author | Christian Grothoff <christian@grothoff.org> | 2017-09-09 11:39:37 +0200 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2017-09-09 11:39:37 +0200 |
commit | 280408a25ce8a858d2dc05c8b4a70bd900df190c (patch) | |
tree | 14152954760b0770abf0b3189902bfca9e26408e /etc/nginx/conf.d | |
parent | eb2c96cd46c0400769fd68e6b0e0da4d629e11c5 (diff) | |
download | deployment-280408a25ce8a858d2dc05c8b4a70bd900df190c.tar.gz deployment-280408a25ce8a858d2dc05c8b4a70bd900df190c.tar.bz2 deployment-280408a25ce8a858d2dc05c8b4a70bd900df190c.zip |
try with extra 'security' headers
Diffstat (limited to 'etc/nginx/conf.d')
-rw-r--r-- | etc/nginx/conf.d/talerssl | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/etc/nginx/conf.d/talerssl b/etc/nginx/conf.d/talerssl index cd703ec..4d8b451 100644 --- a/etc/nginx/conf.d/talerssl +++ b/etc/nginx/conf.d/talerssl @@ -7,7 +7,7 @@ ssl_protocols TLSv1.2 TLSv1.1 TLSv1; ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; -#add_header X-XSS-Protection "1; mode=block"; -#add_header X-Frame-Options "SAMEORIGIN"; -#add_header X-Content-Type-Options "nosniff"; -#add_header Content-Security-Policy "default-src 'self'"; +add_header X-XSS-Protection "1; mode=block"; +add_header X-Frame-Options "SAMEORIGIN"; +add_header X-Content-Type-Options "nosniff"; +add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'"; |