From c0a95a671ecfe8c6581ddb7c73fea8fd755411e7 Mon Sep 17 00:00:00 2001
From: Ahwx <ahwx@ahwx.org>
Date: Wed, 17 Jul 2024 15:19:19 +0200
Subject: [PATCH] fix: some nginx headers etc? (100% @ internet.nl)

---
 modules/services/matrix/default.nix | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/modules/services/matrix/default.nix b/modules/services/matrix/default.nix
index 563f3ad..f8a83fd 100644
--- a/modules/services/matrix/default.nix
+++ b/modules/services/matrix/default.nix
@@ -47,10 +47,7 @@ in {
         add_header Strict-Transport-Security $hsts_header;
 
         # Enable CSP for your services.
-        add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
-
-        # Minimize information leaked to other domains
-        add_header 'Referrer-Policy' 'origin-when-cross-origin';
+        add_header Content-Security-Policy "default-src 'self'; base-uri 'self'; frame-src 'self'; frame-ancestors 'self'; form-action 'self';" always;
 
         # Disable embedding as a frame
         add_header X-Frame-Options DENY;