CSP on photos.afpy.org
This commit is contained in:
parent
4163e91032
commit
d4c74a252c
|
@ -273,6 +273,8 @@
|
||||||
{
|
{
|
||||||
listen [::]:443 ssl http2; listen 443 ssl http2;
|
listen [::]:443 ssl http2; listen 443 ssl http2;
|
||||||
server_name photos.afpy.org;
|
server_name photos.afpy.org;
|
||||||
|
add_header Content-Security-Policy "default-src 'none'; img-src 'self'; style-src 'self'; script-src 'self'; frame-ancestors 'self'";
|
||||||
|
add_header X-Content-Type-Options "nosniff";
|
||||||
include snippets/letsencrypt-photos.afpy.org.conf;
|
include snippets/letsencrypt-photos.afpy.org.conf;
|
||||||
root /var/www/photos.afpy.org/;
|
root /var/www/photos.afpy.org/;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user