cfg/xb-00-01/nginx/include/header-security-nocsp.conf

# Inferencium - xb-00-01
# Nginx - Configuration - Header - Security - No CSP
# Version: 1.0.0-beta.1

# Copyright 2025 Jake Winters
# SPDX-License-Identifier: BSD-3-Clause


add_header Strict-Transport-Security	"max-age=126200000; includeSubDomains; preload";
add_header X-Frame-Options				"DENY";
add_header X-Content-Type-Options		nosniff;
add_header Referrer-Policy				no-referrer;
add(nginx): No-CSP security-header file Content Security Policy breaks some features of Gitea and should be disabled. This header file allows other configuration files to use it, too. 2025-06-29 17:55:35 +00:00			`# Inferencium - xb-00-01`
			`# Nginx - Configuration - Header - Security - No CSP`
			`# Version: 1.0.0-beta.1`

			`# Copyright 2025 Jake Winters`
			`# SPDX-License-Identifier: BSD-3-Clause`


			`add_header Strict-Transport-Security "max-age=126200000; includeSubDomains; preload";`
			`add_header X-Frame-Options "DENY";`
			`add_header X-Content-Type-Options nosniff;`
			`add_header Referrer-Policy no-referrer;`