|
|
@ -9,7 +9,7 @@ server { |
|
|
|
server_tokens off; |
|
|
|
server_tokens off; |
|
|
|
|
|
|
|
|
|
|
|
add_header Cache-Control "public"; |
|
|
|
add_header Cache-Control "public"; |
|
|
|
add_header Content-Security-Policy "default-src 'self'; img-src 'self' blob:; object-src 'self' blob:; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://www.youtube.com/embed/ https://www.bitchute.com/embed/; connect-src 'self' wss://doimain.com"; |
|
|
|
add_header Content-Security-Policy "default-src 'self'; img-src 'self' blob:; object-src 'self' blob:; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://www.youtube.com/embed/ https://www.bitchute.com/embed/; connect-src 'self' wss://domain.com/"; |
|
|
|
add_header Referrer-Policy "same-origin, strict-origin-when-cross-origin" always; |
|
|
|
add_header Referrer-Policy "same-origin, strict-origin-when-cross-origin" always; |
|
|
|
add_header X-Frame-Options "sameorigin" always; |
|
|
|
add_header X-Frame-Options "sameorigin" always; |
|
|
|
add_header X-Content-Type-Options "nosniff" always; |
|
|
|
add_header X-Content-Type-Options "nosniff" always; |
|
|
|