add(nginx): No-CSP security-header file
Content Security Policy breaks some features of Gitea and should be disabled. This header file allows other configuration files to use it, too.
This commit is contained in:
parent
081d7e0467
commit
61965a5c79
SSH Key Fingerprint:
SHA256:/O3c09/4f1lh4zrhFs2qvQEDda6dZbTwG9xEcj8OfWo
13
xb-00-01/nginx/include/header-security-nocsp.conf
Normal file
13
xb-00-01/nginx/include/header-security-nocsp.conf
Normal file
@ -0,0 +1,13 @@
|
||||
# Inferencium - xb-00-01
|
||||
# Nginx - Configuration - Header - Security - No CSP
|
||||
# Version: 1.0.0-beta.1
|
||||
|
||||
# Copyright 2025 Jake Winters
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
|
||||
|
||||
add_header Strict-Transport-Security "max-age=126200000; includeSubDomains; preload";
|
||||
add_header X-Frame-Options "DENY";
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header Referrer-Policy no-referrer;
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user