tentakelfabrik
/
mcp
1
0
Fork 0
Code Issues 8 Pull Requests 0 Releases 4 Wiki Activity
OpenSource CLI-App to install and handle stuff related to Web-Server
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
70 Commits
4 Branches
456 KiB
Tree: df7645c21e
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'df7645c21e'
${ noResults }
mcp/resources/nginx/snippets/secure-headers.conf

16 lines
858 B
Raw Normal View History

adding #20
4 years ago
 
  1. # X-Frame-Options is an HTTP header that allows sites control over how your site may be framed within an iframe
  2. # https://infosec.mozilla.org/guidelines/web_security#x-frame-options
  3. add_header X-Frame-Options DENY;
  4. 

  5. # send referrer, but only on requests to the same origin
  6. # https://infosec.mozilla.org/guidelines/web_security#referrer-policy
  7. add_header Referrer-Policy same-origin;
  8. 

  9. # This header enables the Cross-site scripting (XSS) filter
  10. # https://infosec.mozilla.org/guidelines/web_security#x-xss-protection
  11. add_header X-XSS-Protection "1; mode=block";
  12. 

  13. # when serving user-supplied content, include a X-Content-Type-Options: nosniff header along with the Content-Type: header,
  14. # to disable content-type sniffing on some browsers.
  15. # https://infosec.mozilla.org/guidelines/web_security#x-content-type-options
  16. add_header X-Content-Type-Options nosniff;