mirror of
https://github.com/mattermost/docker.git
synced 2024-10-18 02:35:54 +00:00
Minor Nginx tweaks
Because of privacy concerns it's desirable to disable referrer, FLoC and Cloudflare as resolver.
This commit is contained in:
parent
f316858850
commit
51b61fb2d8
@ -61,7 +61,7 @@ server {
|
|||||||
# OCSP stapling
|
# OCSP stapling
|
||||||
ssl_stapling on;
|
ssl_stapling on;
|
||||||
ssl_stapling_verify on;
|
ssl_stapling_verify on;
|
||||||
resolver 1.1.1.1;
|
#resolver 1.1.1.1;
|
||||||
|
|
||||||
# verify chain of trust of OCSP response using Root CA and Intermediate certs
|
# verify chain of trust of OCSP response using Root CA and Intermediate certs
|
||||||
#ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;
|
#ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;
|
||||||
@ -72,8 +72,9 @@ server {
|
|||||||
add_header X-Frame-Options "SAMEORIGIN" always;
|
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||||
add_header X-XSS-Protection "1; mode=block" always;
|
add_header X-XSS-Protection "1; mode=block" always;
|
||||||
add_header X-Content-Type-Options "nosniff" always;
|
add_header X-Content-Type-Options "nosniff" always;
|
||||||
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
|
add_header Referrer-Policy no-referrer;
|
||||||
add_header Strict-Transport-Security "max-age=63072000" always;
|
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||||
|
add_header Permissions-Policy "interest-cohort=()";
|
||||||
|
|
||||||
## locations
|
## locations
|
||||||
# ACME-challenge
|
# ACME-challenge
|
||||||
|
Loading…
Reference in New Issue
Block a user