public
/
chameth.com
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Too much grammar for a CSP header...

master
Chris Smith 6 years ago
parent
e3781fb911
commit
62ebb042b4
1 changed files with 1 additions and 1 deletions
Split View Show Diff Stats
  1. 1
    1
      nginx.conf

+ 1
- 1
nginx.conf View File 

@@ -1,7 +1,7 @@
1 1 
 server_tokens off;
2 2
3 3 
 add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
4 
-add_header Content-Security-Policy "require-sri-for script; default-src 'none'; script-src 'self' 'sha384-m2EXauJIeXunnu9rWV0uaFjwoSeSA+jEbAKdI5sQaGiiiOwht/hOVB/8lq2JI8Bd'; img-src 'self' https://photos.chameth.com https://a.c5h.io; style-src 'self'; font-src 'self'; frame-ancestors: 'none'; form-action: 'none'; base-uri: 'none';";
4 
+add_header Content-Security-Policy "require-sri-for script; default-src 'none'; script-src 'self' 'sha384-m2EXauJIeXunnu9rWV0uaFjwoSeSA+jEbAKdI5sQaGiiiOwht/hOVB/8lq2JI8Bd'; img-src 'self' https://photos.chameth.com https://a.c5h.io; style-src 'self'; font-src 'self'; frame-ancestors 'none'; form-action 'none'; base-uri 'none';";
5 5 
 add_header X-Frame-Options "SAMEORIGIN";
6 6 
 add_header X-Content-Type-Options "nosniff";
7 7 
 add_header X-XSS-Protection "1; mode=block";

Write Preview
Loading…
Cancel
Save