thary/sp-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Temporarily disabled CSP headers as they tend to break some of our applications

Browse Source
This commit is contained in:
Illia Chub
2021-12-21 08:18:38 +02:00
parent b7f49e52c0
commit ae8e8b2c9b
1 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
webserver/nginx.nix
View File

@@ -28,7 +28,7 @@ in
limit_conn perserver 1000; limit_conn perserver 1000;
limit_req zone=mylimit burst=35 delay=25; limit_req zone=mylimit burst=35 delay=25;
add_header Strict-Transport-Security $hsts_header; add_header Strict-Transport-Security $hsts_header;
add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always; #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
add_header 'Referrer-Policy' 'origin-when-cross-origin'; add_header 'Referrer-Policy' 'origin-when-cross-origin';
add_header X-Frame-Options DENY; add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;
@@ -46,7 +46,7 @@ in
limit_conn perserver 1000; limit_conn perserver 1000;
limit_req zone=mylimit burst=35 delay=25; limit_req zone=mylimit burst=35 delay=25;
add_header Strict-Transport-Security $hsts_header; add_header Strict-Transport-Security $hsts_header;
add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always; #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
add_header 'Referrer-Policy' 'origin-when-cross-origin'; add_header 'Referrer-Policy' 'origin-when-cross-origin';
add_header X-Frame-Options DENY; add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;
@@ -64,7 +64,7 @@ in
limit_conn perserver 1000; limit_conn perserver 1000;
limit_req zone=mylimit burst=35 delay=25; limit_req zone=mylimit burst=35 delay=25;
add_header Strict-Transport-Security $hsts_header; add_header Strict-Transport-Security $hsts_header;
add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always; #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
add_header 'Referrer-Policy' 'origin-when-cross-origin'; add_header 'Referrer-Policy' 'origin-when-cross-origin';
add_header X-Frame-Options DENY; add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;
@@ -87,7 +87,7 @@ in
limit_conn perserver 1000; limit_conn perserver 1000;
limit_req zone=mylimit burst=35 delay=25; limit_req zone=mylimit burst=35 delay=25;
add_header Strict-Transport-Security $hsts_header; add_header Strict-Transport-Security $hsts_header;
add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always; #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
add_header 'Referrer-Policy' 'origin-when-cross-origin'; add_header 'Referrer-Policy' 'origin-when-cross-origin';
add_header X-Frame-Options DENY; add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;
@@ -112,7 +112,7 @@ in
limit_conn perserver 1000; limit_conn perserver 1000;
limit_req zone=mylimit burst=35 delay=25; limit_req zone=mylimit burst=35 delay=25;
add_header Strict-Transport-Security $hsts_header; add_header Strict-Transport-Security $hsts_header;
add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always; #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
add_header 'Referrer-Policy' 'origin-when-cross-origin'; add_header 'Referrer-Policy' 'origin-when-cross-origin';
add_header X-Frame-Options DENY; add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;
@@ -156,7 +156,7 @@ in
limit_conn perserver 1000; limit_conn perserver 1000;
limit_req zone=mylimit burst=35 delay=25; limit_req zone=mylimit burst=35 delay=25;
add_header Strict-Transport-Security $hsts_header; add_header Strict-Transport-Security $hsts_header;
add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always; #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
add_header 'Referrer-Policy' 'origin-when-cross-origin'; add_header 'Referrer-Policy' 'origin-when-cross-origin';
add_header X-Frame-Options DENY; add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;
@@ -179,7 +179,7 @@ in
limit_conn perserver 1000; limit_conn perserver 1000;
limit_req zone=mylimit burst=35 delay=25; limit_req zone=mylimit burst=35 delay=25;
add_header Strict-Transport-Security $hsts_header; add_header Strict-Transport-Security $hsts_header;
add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always; #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
add_header 'Referrer-Policy' 'origin-when-cross-origin'; add_header 'Referrer-Policy' 'origin-when-cross-origin';
add_header X-Frame-Options DENY; add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;
@@ -203,7 +203,7 @@ in
limit_conn perserver 1000; limit_conn perserver 1000;
limit_req zone=mylimit burst=35 delay=25; limit_req zone=mylimit burst=35 delay=25;
add_header Strict-Transport-Security $hsts_header; add_header Strict-Transport-Security $hsts_header;
add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always; #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
add_header 'Referrer-Policy' 'origin-when-cross-origin'; add_header 'Referrer-Policy' 'origin-when-cross-origin';
add_header X-Frame-Options DENY; add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;