server/nginx/xss

2019-08-06 23:29:36 +02:00 · 2019-08-06 23:29:36 +02:00 · 3ac1b8dddf
commit 3ac1b8dddf
parent 33644cfc7f
1 changed files with 1 additions and 0 deletions
--- a/in/personal/server/index.rst
+++ b/in/personal/server/index.rst
@ -391,6 +391,7 @@ Security
 add_header Content-Security-Policy "default-src 'self'";
 add_header Strict-Transport-Security "max-age=31557600; includeSubDomains; preload" always;
 add_header X-Frame-Options "SAMEORIGIN";
+ add_header X-XSS-Protection "1; mode=block";

 Sites
 ^^^^^