nune/privatebin-docker-nginx-fpm-alpine
nune/privatebin-docker-nginx-fpm-alpine
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 3

new security headers, recommended by ZAP scan #29

Browse source
This commit is contained in:
El RIDO 2021-04-05 18:21:55 +02:00
parent a86fc49145
commit 7b367cad23
No known key found for this signature in database
GPG key ID: 0F5C940A6BD81F92
1 changed files with 8 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
etc/nginx/http.d/site.conf
View file

@ -5,6 +5,14 @@ server {
root /var/www; root /var/www;
index index.php index.html index.htm; index index.php index.html index.htm;
add_header Cross-Origin-Embedder-Policy require-corp;
add_header Cross-Origin-Resource-Policy same-origin;
add_header Cross-Origin-Opener-Policy same-origin;
add_header Referrer-Policy no-referrer;
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options deny;
add_header X-XSS-Protection "1; mode=block";
location / { location / {
include /etc/nginx/location.d/*.conf; include /etc/nginx/location.d/*.conf;
try_files $uri $uri/ /index.php$is_args$args; try_files $uri $uri/ /index.php$is_args$args;