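# Security response headers (nginx snippet, intended to be `include`d).
#
# NOTE: nginx `add_header` directives are not merged across configuration
# levels: if any `add_header` appears in a more specific context (server or
# location), it replaces ALL `add_header` lines inherited from this level.
# Include this file again in such contexts rather than relying on inheritance.
#
# `always` makes nginx emit the header on every response code, not only on
# 2xx/3xx; without it, error pages (403/404/5xx) would be served without these
# protections. Requires nginx 1.7.5 or newer.

# X-Frame-Options is an HTTP header that allows sites control over how your
# site may be framed within an iframe (clickjacking defence).
# DENY forbids framing by any origin, including the site itself.
# https://infosec.mozilla.org/guidelines/web_security#x-frame-options
add_header X-Frame-Options DENY always;

# Referrer-Policy: send the Referer header, but only on requests to the same origin.
# https://infosec.mozilla.org/guidelines/web_security#referrer-policy
add_header Referrer-Policy same-origin always;

# X-XSS-Protection enables the legacy reflected-XSS filter in older browsers.
# That filter has since been removed from current browsers and is generally
# considered superseded by a Content-Security-Policy; the value is kept here
# unchanged, but review whether your deployment still wants it.
# https://infosec.mozilla.org/guidelines/web_security#x-xss-protection
add_header X-XSS-Protection "1; mode=block" always;

# When serving user-supplied content, include an X-Content-Type-Options: nosniff
# header along with an explicit Content-Type: header, so that browsers do not
# content-sniff the response into a different (possibly executable) type.
# https://infosec.mozilla.org/guidelines/web_security#x-content-type-options
add_header X-Content-Type-Options nosniff always;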