mirror of
https://gitea.blesmrt.net/mikaela/shell-things.git
synced 2024-11-26 05:09:23 +01:00
nginx: add Upgrade Insecure Requests
http://caniuse.com/#feat=upgradeinsecurerequests
This commit is contained in:
parent
0024333230
commit
650829aea9
@ -33,6 +33,7 @@ server {
|
||||
# Enable this if your want HSTS (recommended)
|
||||
add_header Strict-Transport-Security "max-age=15552000; includeSubdomains; preload";
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
add_header Content-Security-Policy upgrade-insecure-requests;
|
||||
|
||||
# OCSP Stapling ---
|
||||
# fetch OCSP records from URL in ssl_certificate and cache them
|
||||
|
@ -7,6 +7,7 @@ server {
|
||||
# Enable this if your want HSTS (recommended)
|
||||
add_header Strict-Transport-Security "max-age=15552000; includeSubdomains; preload";
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
add_header Content-Security-Policy upgrade-insecure-requests;
|
||||
|
||||
server_name something.example.org;
|
||||
|
||||
|
@ -9,6 +9,7 @@ server {
|
||||
# Enable this if your want HSTS (recommended)
|
||||
add_header Strict-Transport-Security "max-age=15552000; includeSubdomains; preload";
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
add_header Content-Security-Policy upgrade-insecure-requests;
|
||||
|
||||
root /var/www/vhostdir;
|
||||
index index.php index.html index.htm;
|
||||
|
Loading…
Reference in New Issue
Block a user