support content-security-policy.
This commit is contained in:
parent
7eb04a8e36
commit
9fe5a57720
|
@ -22,6 +22,25 @@ server {
|
||||||
|
|
||||||
client_max_body_size {{ docker_pep_max_body_size | default('100M') }};
|
client_max_body_size {{ docker_pep_max_body_size | default('100M') }};
|
||||||
|
|
||||||
|
{% if docker_pep_xss_protection | default(True) %}
|
||||||
|
proxy_hide_header X-XSS-Protection;
|
||||||
|
add_header X-XSS-Protection "1; mode=block;";
|
||||||
|
{% endif %}
|
||||||
|
{% if docker_pep_frame_origin | default(False) %}
|
||||||
|
proxy_hide_header X-Frame-Options;
|
||||||
|
add_header X-Frame-Options "{{ docker_pep_x_frame_options }}";
|
||||||
|
{% endif %}
|
||||||
|
{% if docker_pep_set_content_security_options | default(False) %}
|
||||||
|
proxy_hide_header Content-Security-Policy;
|
||||||
|
{% if docker_pep_disable_content_security_options | default(False) %}
|
||||||
|
add_header Content-Security-Policy "";
|
||||||
|
{% else %}
|
||||||
|
add_header Content-Security-Policy "frame-src{% for s in docker_pep_content_security_src_acl %} {{ s }}{% endfor %}; frame-ancestors{% for l in docker_pep_content_security_ancestor_acl %} {{ l }}{% endfor %};";
|
||||||
|
{% endif %}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
server_tokens off;
|
||||||
|
|
||||||
proxy_http_version 1.1;
|
proxy_http_version 1.1;
|
||||||
proxy_set_header Connection "";
|
proxy_set_header Connection "";
|
||||||
proxy_set_header Host $http_host;
|
proxy_set_header Host $http_host;
|
||||||
|
|
Loading…
Reference in New Issue