13 lines
887 B
Plaintext
Executable File
13 lines
887 B
Plaintext
Executable File
# add_header from parent blocks are ignored when the current block also calls add_header
|
|
# Thus the need for this snippet, to redefine the same headers in many blocks
|
|
# See http://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header
|
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
|
|
# opt out Google Floc see: https://plausible.io/blog/google-floc#how-to-opt-out-of-floc-as-a-web-developer-set-a-permissions-policy
|
|
add_header Permissions-Policy interest-cohort=();
|
|
# source: https://gist.github.com/plentz/6737338
|
|
add_header X-Frame-Options "SAMEORIGIN" always;
|
|
# source: https://scotthelme.co.uk/hardening-your-http-response-headers/#x-content-type-options
|
|
add_header X-Content-Type-Options 'nosniff' always;
|
|
# source: https://scotthelme.co.uk/a-new-security-header-referrer-policy/
|
|
add_header Referrer-Policy 'strict-origin' always;
|