Remove Content-Security-Policy header
This commit is contained in:
parent
5ef80e7710
commit
4cce1da4cb
1 changed files with 0 additions and 1 deletions
|
|
@ -84,7 +84,6 @@ data:
|
||||||
ssl_certificate_key /etc/certs/tls.key;
|
ssl_certificate_key /etc/certs/tls.key;
|
||||||
server_name FQDN
|
server_name FQDN
|
||||||
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';
|
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';
|
||||||
add_header Content-Security-Policy "default-src 'self'; font-src *;img-src * data:; script-src *; style-src *";
|
|
||||||
add_header X-XSS-Protection "1; mode=block";
|
add_header X-XSS-Protection "1; mode=block";
|
||||||
add_header X-Frame-Options "SAMEORIGIN";
|
add_header X-Frame-Options "SAMEORIGIN";
|
||||||
add_header X-Content-Type-Options nosniff;
|
add_header X-Content-Type-Options nosniff;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue
