This commit is contained in:
Motiejus Jakštys 2024-10-09 22:52:35 -04:00
parent b140fb1866
commit 5ece7745e2
2 changed files with 3 additions and 0 deletions

View File

@ -238,6 +238,7 @@ in
X-XSS-Protection "1; mode=block" X-XSS-Protection "1; mode=block"
# Disallow the site to be rendered within a frame (clickjacking protection) # Disallow the site to be rendered within a frame (clickjacking protection)
X-Frame-Options "SAMEORIGIN" X-Frame-Options "SAMEORIGIN"
Alt-Svc "h3=\":443\"; ma=86400"
} }
reverse_proxy 127.0.0.1:${toString myData.ports.vaultwarden} { reverse_proxy 127.0.0.1:${toString myData.ports.vaultwarden} {
@ -281,6 +282,7 @@ in
Content-Security-Policy "default-src 'self'" Content-Security-Policy "default-src 'self'"
X-Content-Type-Options "nosniff" X-Content-Type-Options "nosniff"
X-Frame-Options "DENY" X-Frame-Options "DENY"
Alt-Svc "h3=\":443\"; ma=86400"
/_/* Cache-Control "public, max-age=31536000, immutable" /_/* Cache-Control "public, max-age=31536000, immutable"
} }

View File

@ -93,6 +93,7 @@
Content-Security-Policy "frame-ancestors 'none'; default-src 'none'; connect-src 'self'; font-src 'self' data:; form-action 'self'; img-src 'self' https://ga-beacon.appspot.com https://raw.githubusercontent.com https://secure.gravatar.com https://sourcethemes.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; worker-src 'self';" Content-Security-Policy "frame-ancestors 'none'; default-src 'none'; connect-src 'self'; font-src 'self' data:; form-action 'self'; img-src 'self' https://ga-beacon.appspot.com https://raw.githubusercontent.com https://secure.gravatar.com https://sourcethemes.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; worker-src 'self';"
X-Content-Type-Options "nosniff" X-Content-Type-Options "nosniff"
X-Frame-Options "DENY" X-Frame-Options "DENY"
Alt-Svc "h3=\":443\"; ma=86400"
} }
reverse_proxy 127.0.0.1:${toString myData.ports.gitea} reverse_proxy 127.0.0.1:${toString myData.ports.gitea}