liv/nixos-config
1
0
Fork 0
mirror of https://github.com/Ahwxorg/nixos-config.git synced 2025-12-04 15:00:13 +01:00
Code Issues 1 Projects Releases Packages Wiki Activity Actions

fix: some nginx headers etc? (100% @ internet.nl)

Browse source
This commit is contained in:
Ahwx 2024-07-17 15:19:19 +02:00
parent d13dfa042b
commit c0a95a671e
1 changed files with 1 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

5
modules/services/matrix/default.nix
View file

@ -47,10 +47,7 @@ in {
add_header Strict-Transport-Security $hsts_header; add_header Strict-Transport-Security $hsts_header;
# Enable CSP for your services. # Enable CSP for your services.
add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always; add_header Content-Security-Policy "default-src 'self'; base-uri 'self'; frame-src 'self'; frame-ancestors 'self'; form-action 'self';" always;
# Minimize information leaked to other domains
add_header 'Referrer-Policy' 'origin-when-cross-origin';
# Disable embedding as a frame # Disable embedding as a frame
add_header X-Frame-Options DENY; add_header X-Frame-Options DENY;