YunoHost-Apps/nextcloud_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/nextcloud_ynh.git synced 2024-09-03 19:55:57 +02:00
Code Issues Activity Actions

Adapt nginx configuration to avoid double headers due to core change (8cb029a55e)

Browse source
This commit is contained in:
Jimmy Monin 2019-02-07 21:41:32 +01:00
parent 94087e89d5
commit c3480daae6
1 changed files with 17 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
conf/nginx.conf
View file

@ -13,13 +13,13 @@ location ^~ __PATH__ {
} }
# Add headers to serve security related headers # Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000;"; more_set_headers "Strict-Transport-Security: max-age=15768000";
add_header X-Content-Type-Options nosniff; more_set_headers "X-Content-Type-Options: nosniff";
add_header X-XSS-Protection "1; mode=block"; more_set_headers "X-XSS-Protection: 1; mode=block";
add_header X-Robots-Tag none; more_set_headers "X-Robots-Tag: none";
add_header X-Download-Options noopen; more_set_headers "X-Download-Options: noopen";
add_header X-Permitted-Cross-Domain-Policies none; more_set_headers "X-Permitted-Cross-Domain-Policies: none";
add_header Referrer-Policy no-referrer; more_set_headers "Referrer-Policy: no-referrer";
# Set max upload size # Set max upload size
client_max_body_size 10G; client_max_body_size 10G;
@ -78,15 +78,15 @@ location ^~ __PATH__ {
# Adding the cache control header for js and css files # Adding the cache control header for js and css files
location ~* \.(?:css|js)$ { location ~* \.(?:css|js)$ {
add_header Cache-Control "public, max-age=7200"; more_set_headers "Cache-Control: public, max-age=7200";
# Add headers to serve security related headers # Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000;"; more_set_headers "Strict-Transport-Security: max-age=15768000";
add_header X-Content-Type-Options nosniff; more_set_headers "X-Content-Type-Options: nosniff";
add_header X-XSS-Protection "1; mode=block"; more_set_headers "X-XSS-Protection: 1; mode=block";
add_header X-Robots-Tag none; more_set_headers "X-Robots-Tag: none";
add_header X-Download-Options noopen; more_set_headers "X-Download-Options: noopen";
add_header X-Permitted-Cross-Domain-Policies none; more_set_headers "X-Permitted-Cross-Domain-Policies: none";
add_header Referrer-Policy no-referrer; more_set_headers "Referrer-Policy: no-referrer";
# Optional: Don't log access to assets # Optional: Don't log access to assets
access_log off; access_log off;