From 6f44f7469d6bb160abb72266c52bf3ccd5151d78 Mon Sep 17 00:00:00 2001 From: inference Date: Thu, 23 Mar 2023 02:54:44 +0000 Subject: [PATCH] Update website nginx configuration to version 8.0.0.7. --- server/xb000-0/nginx/website.conf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/server/xb000-0/nginx/website.conf b/server/xb000-0/nginx/website.conf index 681e8f9..2430b63 100644 --- a/server/xb000-0/nginx/website.conf +++ b/server/xb000-0/nginx/website.conf @@ -4,7 +4,7 @@ # Copyright 2022-2023 Jake Winters # SPDX-License-Identifier: BSD-3-Clause-Clear -# Version: 6.0.0.5 +# Version: 8.0.0.7 # Server (unencrypted) @@ -55,8 +55,8 @@ server { add_header Strict-Transport-Security "max-age=126200000; includeSubDomains; preload"; add_header X-Frame-Options "DENY"; add_header X-Content-Type-Options nosniff; -# add_header Content-Security-Policy "default-src 'self'"; - add_header Referrer-Policy same-origin; + add_header Content-Security-Policy "default-src 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'none'; connect-src 'none'; frame-src 'none'; style-src 'self'; font-src 'self'"; + add_header Referrer-Policy no-referrer; client_max_body_size 16m; ignore_invalid_headers off;