CodeMirror/budibase
1
0
Fork 0
mirror of synced 2024-09-09 22:16:26 +12:00
Code Issues Projects Releases Wiki Activity

Merge pull request #13842 from Budibase/security-audit

Browse source 
NGINX headers for security audit
This commit is contained in:
Martin McKeaveney 2024-06-04 12:43:55 +01:00 committed by GitHub
commit 3f0cc073f1
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
hosting/proxy/nginx.prod.conf
View file

@ -74,6 +74,7 @@ http {
add_header X-Content-Type-Options nosniff always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Content-Security-Policy "${csp_default}; ${csp_script}; ${csp_style}; ${csp_object}; ${csp_base_uri}; ${csp_connect}; ${csp_font}; ${csp_frame}; ${csp_img}; ${csp_manifest}; ${csp_media}; ${csp_worker};" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
# upstreams
set $apps ${APPS_UPSTREAM_URL};

2
packages/pro

@ -1 +1 @@
Subproject commit 5189b83bea1868574ff7f4c51fe5db38a11badb8
Subproject commit d3c3077011a8e20ed3c48dcd6301caca4120b6ac