fatchan
/
jschan
mirror of https://gitgud.io/fatchan/jschan.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

comma missing in referrer policy header

Browse Source
merge-requests/208/head
Thomas Lynch 4 years ago
parent 97ba9247a8
commit b7b3bfc740
3 changed files with 3 additions and 3 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      configs/nginx/nginx.example
  2. 2
      configs/nginx/nginx_no_https.example
  3. 2
      configs/nginx/snippets/security_headers.conf

2
configs/nginx/nginx.example
Unescape View File

@ -10,7 +10,7 @@ server {
add_header Cache-Control "public";
add_header Content-Security-Policy "default-src 'self'; img-src 'self' blob:; object-src 'self' blob:; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://www.youtube.com/embed/ https://www.bitchute.com/embed/";
add_header Referrer-Policy "same-origin strict-origin-when-cross-origin" always;
add_header Referrer-Policy "same-origin, strict-origin-when-cross-origin" always;
add_header X-Frame-Options "sameorigin" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;

2
configs/nginx/nginx_no_https.example
Unescape View File

@ -10,7 +10,7 @@ server {
add_header Cache-Control "public";
add_header Content-Security-Policy "default-src 'self'; img-src 'self' blob:; object-src 'self' blob:; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://www.youtube.com/embed/ https://www.bitchute.com/embed/";
add_header Referrer-Policy "same-origin strict-origin-when-cross-origin" always;
add_header Referrer-Policy "same-origin, strict-origin-when-cross-origin" always;
add_header X-Frame-Options "sameorigin" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;

2
configs/nginx/snippets/security_headers.conf
Unescape View File

@ -1,6 +1,6 @@
add_header Cache-Control "public";
add_header Content-Security-Policy "default-src 'self'; img-src 'self' blob:; object-src 'self' blob:; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://www.youtube.com/embed/ https://www.bitchute.com/embed/";
add_header Referrer-Policy "same-origin strict-origin-when-cross-origin" always;
add_header Referrer-Policy "same-origin, strict-origin-when-cross-origin" always;
add_header X-Frame-Options "sameorigin" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;

Write Preview
Loading…
Cancel
Save