From ede8c433f691638a3f4383ba58d1af698c9b0fbd Mon Sep 17 00:00:00 2001
From: Marc Beninca
Date: Thu, 15 Aug 2019 13:01:07 +0200
Subject: [PATCH] server/ct,sts
---
 in/personal/server/index.rst | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/in/personal/server/index.rst b/in/personal/server/index.rst
index 0e3094b..267e8d6 100644
--- a/in/personal/server/index.rst
+++ b/in/personal/server/index.rst
@@ -405,10 +405,11 @@ Security
 listen 443 ssl http2;
 listen [::]:443 ssl http2;
+ add_header Expect-CT "enforce,max-age=0" always;
+ add_header Strict-Transport-Security "max-age=31557600;includeSubDomains;preload" always;
+ add_header Content-Security-Policy "default-src 'self'" always;
- add_header Expect-CT "max-age=0, enforce" always;
 add_header Referrer-Policy "no-referrer-when-downgrade" always;
- add_header Strict-Transport-Security "max-age=31557600; includeSubDomains; preload" always;
 add_header X-Content-Type-Options "nosniff" always;
 add_header X-Frame-Options "SAMEORIGIN" always;
 set $fp "";
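Review bot: The relocated `Expect-CT` line still pairs `enforce` with `max-age=0`, so a user agent that honours the header is told not to retain the policy, and with no `report-uri` the header likely has no practical effect. If enforcement is intended, give the policy a lifetime, for example `add_header Expect-CT "enforce,max-age=86400" always;` (the value is constructed for illustration); if `max-age=0` is a deliberate placeholder, the surrounding text should say so. The Strict-Transport-Security value in the same hunk carries `includeSubDomains` and `preload`, and since readers copy this listing, a sentence noting that preloading commits every subdomain to HTTPS and is slow to reverse would be worth adding. The enclosing server block starts and ends outside the hunk.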