YunoHost-Apps/cryptpad_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/cryptpad_ynh.git synced 2024-09-03 18:26:14 +02:00
Code Issues Activity Actions

Update nginx.conf

Browse source 
Not super comfortable with those three lines :/ There's already https://github.com/YunoHost/yunohost/blob/dev/conf/nginx/server.tpl.conf#L52 and https://github.com/YunoHost/yunohost/blob/dev/conf/nginx/security.conf.inc#L33-L34
This commit is contained in:
DDATAA 2023-03-24 14:27:58 +00:00 committed by GitHub
parent 263fd46155
commit 870d575160
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 0 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
conf/nginx.conf
View file

@ -4,9 +4,6 @@ set $allowed_origins "https://${sandbox_domain}";
set $api_domain "__DOMAIN__"; set $api_domain "__DOMAIN__";
set $files_domain "__DOMAIN__"; set $files_domain "__DOMAIN__";
ssl_ecdh_curve secp384r1; ssl_ecdh_curve secp384r1;
more_set_headers "Strict-Transport-Security: max-age=31536000; includeSubDomains; always";
more_set_headers "X-XSS-Protection: '1; mode=block'";
more_set_headers "X-Content-Type-Options: nosniff";
more_set_headers "Access-Control-Allow-Origin: '${allowed_origins}'"; more_set_headers "Access-Control-Allow-Origin: '${allowed_origins}'";
more_set_headers "Cross-Origin-Resource-Policy: cross-origin"; more_set_headers "Cross-Origin-Resource-Policy: cross-origin";
more_set_headers "Cross-Origin-Embedder-Policy: require-corp"; more_set_headers "Cross-Origin-Embedder-Policy: require-corp";