server/nginx/csp,sts

2019-08-06 23:13:29 +02:00 · 2019-08-06 23:13:29 +02:00 · 5c1c80668b
commit 5c1c80668b
parent 87467943d8
1 changed files with 2 additions and 1 deletions
--- a/in/personal/server/index.rst
+++ b/in/personal/server/index.rst
@ -388,7 +388,8 @@ Security

 listen 443 ssl http2;
 listen [::]:443 ssl http2;
- add_header Strict-Transport-Security "max-age=31557600; includeSubDomains; preload";
+ add_header Content-Security-Policy "default-src 'self'";
+ add_header Strict-Transport-Security "max-age=31557600; includeSubDomains; preload" always;

 Sites
 ^^^^^