See #880: added CSP policy in deployment files

Eliot Berriot 2019-07-10 15:11:29 +02:00
commit 9c5f623d03
No known key found for this signature in database
GPG key ID: DD6965E2476E5C27
5 changed files with 25 additions and 1 deletions


@ -29,6 +29,9 @@ server {
# HSTS
add_header Strict-Transport-Security "max-age=31536000";
# Security related headers
add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:";
# compression settings
gzip on;
gzip_comp_level 5;
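Review bot: The new `add_header Content-Security-Policy` line has no `always` parameter, so nginx attaches the policy only to a fixed set of success and redirect status codes, and error responses (4xx/5xx) are served without it. Ending the directive with `... media-src 'self' data:" always;` closes that gap. The header is also declared at `server` level, and nginx drops inherited `add_header` directives in any `location` that declares its own; the rest of the server block is outside this hunk, so that needs checking, and a comment such as `# repeat in every location that sets its own add_header` would record the constraint. Separately, `frame-ancestors`, `base-uri` and `form-action` do not fall back to `default-src`, so the policy as written leaves framing, `<base>` injection and form targets unrestricted. Adding `base-uri 'self'` looks safe, while `frame-ancestors` should be chosen to match whatever embedding the application is meant to support.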