0xa/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

add strict transport security header

Browse source
This commit is contained in:
Grigory Shipunov 2023-01-14 13:21:12 +01:00
parent eabc64290a
commit 3ddfc83802
Signed by: 0xa
GPG key ID: 91FA5E5BF9AA901C
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
microvms/nextcloud/default.nix
View file

@ -34,6 +34,7 @@
add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always; add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always; add_header X-XSS-Protection "1; mode=block" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
# Remove X-Powered-By, which is an information leak # Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By; fastcgi_hide_header X-Powered-By;