From ff9333a386064fad9c44efea3cf363d2a441007d Mon Sep 17 00:00:00 2001
From: Kayou <pierre.moltess@gmail.com>
Date: Sun, 10 Mar 2019 11:42:03 +0100
Subject: [PATCH] nginx: more_set_headers and not more_set_header

---
 conf/nginx.conf | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)

diff --git a/conf/nginx.conf b/conf/nginx.conf
index 95f85c3..433d5d8 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -4,10 +4,9 @@ location __PATH__/ {
 	# Path to source
 	alias __FINALPATH__/ ;
 
-
 	# Force usage of https
 	if ($scheme = http) {
-    	rewrite ^ https://$server_name$request_uri? permanent;
+		rewrite ^ https://$server_name$request_uri? permanent;
 	}
 
  	index index.php;
@@ -24,13 +23,13 @@ location __PATH__/ {
 	}
 
 	# Add headers to serve security related headers
-	more_set_header Strict-Transport-Security "max-age=15768000;";
-	more_set_header X-Content-Type-Options nosniff;
-	more_set_header X-Frame-Options "SAMEORIGIN";
-	more_set_header X-XSS-Protection "1; mode=block";
-	more_set_header X-Robots-Tag none;
-	more_set_header X-Download-Options noopen;
-	more_set_header X-Permitted-Cross-Domain-Policies none;
+	more_set_headers Strict-Transport-Security "max-age=15768000;";
+	more_set_headers X-Content-Type-Options nosniff;
+	more_set_headers X-Frame-Options "SAMEORIGIN";
+	more_set_headers X-XSS-Protection "1; mode=block";
+	more_set_headers X-Robots-Tag none;
+	more_set_headers X-Download-Options noopen;
+	more_set_headers X-Permitted-Cross-Domain-Policies none;
 
 	location ~^/(tmp|config|\.ht)/{
 		deny all;
@@ -42,7 +41,7 @@ location __PATH__/ {
 		# cacher.
 		rewrite ^/([^/]*)/favicon\.ico$   __PATH__/spip.php?page=favicon.ico   last;
 		expires        1w; 
-		more_set_header  Cache-Control public;
+		more_set_headers  Cache-Control public;
 	}
 	
 	location ~ [^/]\.php(/|$) {