Add security headers to nginx

1ded4e87 · kaiyou · 41b3d35d · 1ded4e87
Commit 1ded4e87 authored Jun 09, 2018 by kaiyou
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 0 deletions

docker/nginx.conf docker/nginx.conf +6 -0

No files found.
--- a/docker/nginx.conf
+++ b/docker/nginx.conf
@@ -28,6 +28,12 @@ http {

 		client_max_body_size 20M;

+		add_header X-Frame-Options 'SAMEORIGIN';
+		add_header X-Content-Type-Options 'nosniff';
+		add_header X-Permitted-Cross-Domain-Policies 'none';
+		add_header X-XSS-Protection '1; mode=block';
+		add_header Referrer-Policy 'same-origin';
+
    location /data {
      root /;
    }