mailinabox/conf/nginx/security.conf

6 lines
360 B
Plaintext
Raw Normal View History

2021-08-01 22:05:12 +00:00
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options nosniff;
add_header Content-Security-Policy-Report-Only "default-src 'self'; font-src *;img-src * data:; script-src *; style-src *;frame-ancestors 'self'";
add_header Referrer-Policy "strict-origin";