1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/spip_ynh.git synced 2024-09-03 20:25:59 +02:00

nginx: more_set_headers and not more_set_header

This commit is contained in:
Kayou 2019-03-10 11:42:03 +01:00
parent ea91589ae9
commit ff9333a386
No known key found for this signature in database
GPG key ID: 823A2CBE071D3126

View file

@ -4,7 +4,6 @@ location __PATH__/ {
# Path to source # Path to source
alias __FINALPATH__/ ; alias __FINALPATH__/ ;
# Force usage of https # Force usage of https
if ($scheme = http) { if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent; rewrite ^ https://$server_name$request_uri? permanent;
@ -24,13 +23,13 @@ location __PATH__/ {
} }
# Add headers to serve security related headers # Add headers to serve security related headers
more_set_header Strict-Transport-Security "max-age=15768000;"; more_set_headers Strict-Transport-Security "max-age=15768000;";
more_set_header X-Content-Type-Options nosniff; more_set_headers X-Content-Type-Options nosniff;
more_set_header X-Frame-Options "SAMEORIGIN"; more_set_headers X-Frame-Options "SAMEORIGIN";
more_set_header X-XSS-Protection "1; mode=block"; more_set_headers X-XSS-Protection "1; mode=block";
more_set_header X-Robots-Tag none; more_set_headers X-Robots-Tag none;
more_set_header X-Download-Options noopen; more_set_headers X-Download-Options noopen;
more_set_header X-Permitted-Cross-Domain-Policies none; more_set_headers X-Permitted-Cross-Domain-Policies none;
location ~^/(tmp|config|\.ht)/{ location ~^/(tmp|config|\.ht)/{
deny all; deny all;
@ -42,7 +41,7 @@ location __PATH__/ {
# cacher. # cacher.
rewrite ^/([^/]*)/favicon\.ico$ __PATH__/spip.php?page=favicon.ico last; rewrite ^/([^/]*)/favicon\.ico$ __PATH__/spip.php?page=favicon.ico last;
expires 1w; expires 1w;
more_set_header Cache-Control public; more_set_headers Cache-Control public;
} }
location ~ [^/]\.php(/|$) { location ~ [^/]\.php(/|$) {