From b41bf073798ef58015d0af77e8f2d60028e8d4b5 Mon Sep 17 00:00:00 2001
From: Florian Dold <florian.dold@gmail.com>
Date: Mon, 5 Sep 2016 17:48:11 +0200
Subject: temporarily switch off web security stuff

---
 etc/nginx/conf.d/talerssl | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'etc/nginx/conf.d/talerssl')

diff --git a/etc/nginx/conf.d/talerssl b/etc/nginx/conf.d/talerssl
index 016566e..cd703ec 100644
--- a/etc/nginx/conf.d/talerssl
+++ b/etc/nginx/conf.d/talerssl
@@ -7,7 +7,7 @@ ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
 ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
 
 add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
-add_header X-XSS-Protection "1; mode=block";
-add_header X-Frame-Options "SAMEORIGIN";
-add_header X-Content-Type-Options "nosniff";
-add_header Content-Security-Policy "default-src 'self'";
+#add_header X-XSS-Protection "1; mode=block";
+#add_header X-Frame-Options "SAMEORIGIN";
+#add_header X-Content-Type-Options "nosniff";
+#add_header Content-Security-Policy "default-src 'self'";
-- 
cgit v1.2.3