path: root/deploy/headers_secure.conf
blob: 6dfc381d38a54336f88f1445e8b4b1fabbd5752d (plain)
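# Security response headers; scored A+ on https://securityheaders.io/
#
# Every directive carries `always` so the header is emitted regardless of
# response status. Without it nginx's add_header applies only to
# 200/201/204/206/30x responses, so 4xx/5xx error pages would be served with
# none of these protections. `always` requires nginx >= 1.7.5.
#
# NOTE: add_header directives are NOT inherited into a server/location block
# that declares its own add_header; re-include this file in such blocks.

# Forbid framing by any origin (clickjacking).
add_header X-Frame-Options deny always;
# Legacy XSS-auditor switch; current browsers have dropped the auditor, so
# CSP below is the effective control. Kept for older clients.
add_header X-XSS-Protection "1; mode=block" always;
# Stop browsers from sniffing a different MIME type than the declared one.
add_header X-Content-Type-Options nosniff always;
# Send only the origin as Referer, and nothing at all on HTTPS->HTTP downgrades.
add_header Referrer-Policy strict-origin always;
# Ask intermediaries (proxies, optimizers) not to modify response bodies.
add_header Cache-Control no-transform always;
# NOTE(review): this policy constrains only script-src and permits inline
# scripts; resource types other than scripts are unrestricted. Tighten it
# (e.g. add default-src and drop 'unsafe-inline') once the site's script
# sources are known — that depends on the application and is not changed here.
add_header Content-Security-Policy "script-src 'unsafe-inline'" always;
# Disable browser features this site does not use.
add_header Permissions-Policy "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()" always;
# 6 months of HSTS (16000000 s ~ 185 days). This is transport enforcement,
# not key pinning; includeSubDomains/preload are deliberately not set here.
add_header Strict-Transport-Security max-age=16000000 always;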