Luiz Eduardo
2021-10-05 19:20:24 +00:00
parent 9dd7d33c7a
commit 08883f8df8
+2 -7
@@ -2,7 +2,8 @@
# Pre-existing site that uses too much inline code to fix
# but wants to ensure resources are loaded only over https and disable plugins
Content-Security-Policy "default-src *; object-src 'none'"
# Clickjacking protection, using frame-ancestors
Content-Security-Policy "default-src *; object-src 'none'; frame-ancestors 'self';"
#This directive will add the CORS header for all resources in the directory from any website.
Header set Access-Control-Allow-Origin "*"
@@ -21,10 +22,4 @@ Header set X-Frame-Options "SAMEORIGIN"
Header set Content-Security-Policy "upgrade-insecure-requests"
Header set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
# Clickjacking protection, using frame-ancestors
Header set Content-Security-Policy "frame-ancestors 'self';"
# Restricts use of the <base> tag by using base-uri 'none', base-uri 'self', or specific origins
Header set Content-Security-Policy "default-src 'self';"
</IfModule>
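Review bot: The policy line `Content-Security-Policy "default-src *; object-src 'none'; frame-ancestors 'self';"` near the top has no `Header set` in front of it, unlike the other header lines in this file, so if Apache loads this file as-is the line would presumably be rejected rather than emit a header (the +/- markers are lost on this page, so treating it as a new line is inferred from the +2 -7 count). If it is meant to be live, the later `Header set Content-Security-Policy "upgrade-insecure-requests"` replaces any earlier header of the same name, so `frame-ancestors` and `object-src` would never be sent and clickjacking protection would rest on `X-Frame-Options` alone. I would send a single policy instead, for example `Header set Content-Security-Policy "default-src *; object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests"`. The comment above the policy also promises https-only loading, which `default-src *` does not enforce; `default-src https:` would match that wording.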