CodeMirror/budibase
1
0
Fork 0
mirror of synced 2024-10-03 02:27:06 +13:00
Code Issues Projects Releases Wiki Activity

NGINX headers for security audit

Browse source
This commit is contained in:
Martin McKeaveney 2024-06-03 15:05:18 +01:00
parent 45e4e791a5
commit 3909bbcfc0
2 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
hosting/proxy/nginx.prod.conf
View file

@ -74,6 +74,7 @@ http {
add_header X-Content-Type-Options nosniff always; add_header X-Content-Type-Options nosniff always;
add_header X-XSS-Protection "1; mode=block" always; add_header X-XSS-Protection "1; mode=block" always;
add_header Content-Security-Policy "${csp_default}; ${csp_script}; ${csp_style}; ${csp_object}; ${csp_base_uri}; ${csp_connect}; ${csp_font}; ${csp_frame}; ${csp_img}; ${csp_manifest}; ${csp_media}; ${csp_worker};" always; add_header Content-Security-Policy "${csp_default}; ${csp_script}; ${csp_style}; ${csp_object}; ${csp_base_uri}; ${csp_connect}; ${csp_font}; ${csp_frame}; ${csp_img}; ${csp_manifest}; ${csp_media}; ${csp_worker};" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
# upstreams # upstreams
set $apps ${APPS_UPSTREAM_URL}; set $apps ${APPS_UPSTREAM_URL};

2
packages/account-portal

@ -1 +1 @@
Subproject commit c167c331ff9b8161fc18e2ecbaaf1ea5815ba964 Subproject commit 2a5022fb946481c9f7a9c38d1413922729972be0