disable header preventing opening links to self, fixes #959

2022-07-31 08:49:36 +02:00 · 2022-07-31 08:49:36 +02:00 · d6cead99eb
commit d6cead99eb
parent 1d74c1ae56
1 changed files with 4 additions and 1 deletions
--- a/etc/nginx/http.d/site.conf
+++ b/etc/nginx/http.d/site.conf
@ -11,7 +11,10 @@ server {
        # https://developers.cloudflare.com/cache/about/cache-control#other
        add_header Cache-Control "public, max-age=3600, must-revalidate, no-transform";
        add_header Cross-Origin-Embedder-Policy require-corp;
-        add_header Cross-Origin-Opener-Policy same-origin;
+        # disabled, because it prevents links from a paste to the same site to
+        # be opened. Didn't work with `same-origin-allow-popups` either.
+        # See issue #959 for details.
+        #add_header Cross-Origin-Opener-Policy same-origin;
        add_header Cross-Origin-Resource-Policy same-origin;
        add_header Referrer-Policy no-referrer;
        add_header X-Content-Type-Options nosniff;