commit 280408a25ce8a858d2dc05c8b4a70bd900df190c parent eb2c96cd46c0400769fd68e6b0e0da4d629e11c5 Author: Christian Grothoff <christian@grothoff.org> Date: Sat, 9 Sep 2017 11:39:37 +0200 try with extra 'security' headers Diffstat:
| M | etc/nginx/conf.d/talerssl | | | 8 | ++++---- |
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/etc/nginx/conf.d/talerssl b/etc/nginx/conf.d/talerssl @@ -7,7 +7,7 @@ ssl_protocols TLSv1.2 TLSv1.1 TLSv1; ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; -#add_header X-XSS-Protection "1; mode=block"; -#add_header X-Frame-Options "SAMEORIGIN"; -#add_header X-Content-Type-Options "nosniff"; -#add_header Content-Security-Policy "default-src 'self'"; +add_header X-XSS-Protection "1; mode=block"; +add_header X-Frame-Options "SAMEORIGIN"; +add_header X-Content-Type-Options "nosniff"; +add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'";