YunoHost-Apps/nextcloud_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/nextcloud_ynh.git synced 2024-09-03 19:55:57 +02:00
Code Issues Activity Actions

Revert "Adapt nginx configuration to avoid double headers due to core change (8cb029a55e)"

Browse source 
This reverts commit 0ea5823570.
This commit is contained in:
Mickaël Martin 2019-02-21 18:24:14 +01:00
parent 0ea5823570
commit b994136884
1 changed files with 17 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
conf/nginx.conf
View file

@ -13,13 +13,13 @@ location ^~ __PATH__ {
} }
# Add headers to serve security related headers # Add headers to serve security related headers
more_set_headers "Strict-Transport-Security: max-age=15768000"; add_header Strict-Transport-Security "max-age=15768000;";
more_set_headers "X-Content-Type-Options: nosniff"; add_header X-Content-Type-Options nosniff;
more_set_headers "X-XSS-Protection: 1; mode=block"; add_header X-XSS-Protection "1; mode=block";
more_set_headers "X-Robots-Tag: none"; add_header X-Robots-Tag none;
more_set_headers "X-Download-Options: noopen"; add_header X-Download-Options noopen;
more_set_headers "X-Permitted-Cross-Domain-Policies: none"; add_header X-Permitted-Cross-Domain-Policies none;
more_set_headers "Referrer-Policy: no-referrer"; add_header Referrer-Policy no-referrer;
# Set max upload size # Set max upload size
client_max_body_size 10G; client_max_body_size 10G;
@ -78,15 +78,15 @@ location ^~ __PATH__ {
# Adding the cache control header for js and css files # Adding the cache control header for js and css files
location ~* \.(?:css|js)$ { location ~* \.(?:css|js)$ {
more_set_headers "Cache-Control: public, max-age=7200"; add_header Cache-Control "public, max-age=7200";
# Add headers to serve security related headers # Add headers to serve security related headers
more_set_headers "Strict-Transport-Security: max-age=15768000"; add_header Strict-Transport-Security "max-age=15768000;";
more_set_headers "X-Content-Type-Options: nosniff"; add_header X-Content-Type-Options nosniff;
more_set_headers "X-XSS-Protection: 1; mode=block"; add_header X-XSS-Protection "1; mode=block";
more_set_headers "X-Robots-Tag: none"; add_header X-Robots-Tag none;
more_set_headers "X-Download-Options: noopen"; add_header X-Download-Options noopen;
more_set_headers "X-Permitted-Cross-Domain-Policies: none"; add_header X-Permitted-Cross-Domain-Policies none;
more_set_headers "Referrer-Policy: no-referrer"; add_header Referrer-Policy no-referrer;
# Optional: Don't log access to assets # Optional: Don't log access to assets
access_log off; access_log off;