gCubeSystem
/
d4s-nginx-pep-examples
16
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

support content-security-policy.

This commit is contained in:
Andrea Dell'Amico 2022-10-24 13:37:30 +02:00
parent 7eb04a8e36
commit 9fe5a57720
Signed by: andrea.dellamico
GPG Key ID: 147ABE6CEB9E20FF
1 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
gcube-token-docker/nginx.default.conf.j2
View File

@ -22,6 +22,25 @@ server {
client_max_body_size {{ docker_pep_max_body_size | default('100M') }};
{% if docker_pep_xss_protection | default(True) %}
proxy_hide_header X-XSS-Protection;
add_header X-XSS-Protection "1; mode=block;";
{% endif %}
{% if docker_pep_frame_origin | default(False) %}
proxy_hide_header X-Frame-Options;
add_header X-Frame-Options "{{ docker_pep_x_frame_options }}";
{% endif %}
{% if docker_pep_set_content_security_options | default(False) %}
proxy_hide_header Content-Security-Policy;
{% if docker_pep_disable_content_security_options | default(False) %}
add_header Content-Security-Policy "";
{% else %}
add_header Content-Security-Policy "frame-src{% for s in docker_pep_content_security_src_acl %} {{ s }}{% endfor %}; frame-ancestors{% for l in docker_pep_content_security_ancestor_acl %} {{ l }}{% endfor %};";
{% endif %}
{% endif %}
server_tokens off;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_set_header Host $http_host;