support content-security-policy.
This commit is contained in:
parent
7eb04a8e36
commit
9fe5a57720
|
@ -22,6 +22,25 @@ server {
|
|||
|
||||
client_max_body_size {{ docker_pep_max_body_size | default('100M') }};
|
||||
|
||||
{% if docker_pep_xss_protection | default(True) %}
|
||||
proxy_hide_header X-XSS-Protection;
|
||||
add_header X-XSS-Protection "1; mode=block;";
|
||||
{% endif %}
|
||||
{% if docker_pep_frame_origin | default(False) %}
|
||||
proxy_hide_header X-Frame-Options;
|
||||
add_header X-Frame-Options "{{ docker_pep_x_frame_options }}";
|
||||
{% endif %}
|
||||
{% if docker_pep_set_content_security_options | default(False) %}
|
||||
proxy_hide_header Content-Security-Policy;
|
||||
{% if docker_pep_disable_content_security_options | default(False) %}
|
||||
add_header Content-Security-Policy "";
|
||||
{% else %}
|
||||
add_header Content-Security-Policy "frame-src{% for s in docker_pep_content_security_src_acl %} {{ s }}{% endfor %}; frame-ancestors{% for l in docker_pep_content_security_ancestor_acl %} {{ l }}{% endfor %};";
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
|
||||
server_tokens off;
|
||||
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Connection "";
|
||||
proxy_set_header Host $http_host;
|
||||
|
|
Loading…
Reference in New Issue