Add configuration file "Nginx - Include - Header - Security - Content-Security-Policy"

This configuration file allows non-duplicate inclusion of CSP in server configuration files without requiring it as part of the base security headers.
2024-04-07 20:07:11 +00:00 · 2024-04-07 20:07:11 +00:00 · 4db3c3f2d1
commit 4db3c3f2d1
parent 2fff5aabc1
1 changed files with 10 additions and 0 deletions
--- a/nginx/include/header-security-csp.conf
+++ b/nginx/include/header-security-csp.conf
@ -0,0 +1,10 @@
+# Inferencium - xa000-1
+# Nginx - Configuration - Include - Header - Security - Content-Security-Policy
+# Version: 0.1.0
+
+# Copyright 2024 Jake Winters
+# SPDX-License-Identifier: BSD-3-Clause
+
+
+add_header					Content-Security-Policy "default-src 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'none'; connect-src 'none'; frame-src 'none'; style-src 'self' 'unsafe-inline'; font-src 'self'";
+