server/ct,sts

This commit is contained in:
Marc Beninca 2019-08-15 13:01:07 +02:00
parent ae045e0b71
commit ede8c433f6

View file

@ -405,10 +405,11 @@ Security
listen 443 ssl http2;
listen [::]:443 ssl http2;
add_header Content-Security-Policy "default-src 'self'" always;
add_header Expect-CT "max-age=0, enforce" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Expect-CT "enforce,max-age=0" always;
add_header Strict-Transport-Security "max-age=31557600;includeSubDomains;preload" always;
add_header Content-Security-Policy "default-src 'self'" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
set $fp "";