install/nextcloud
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

install_nextcloud.sh: adjust nginx vhost configuration (Secure http header).

Browse Source
This commit is contained in:
Christoph 2024-09-29 15:23:23 +02:00
parent af72080472
commit 38e5241ec7
1 changed files with 12 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
install_nextcloud.sh
View File

@ -5096,9 +5096,14 @@ server {
add_header X-Download-Options "noopen" always; add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always; add_header X-Robots-Tag "noindex, nofollowi" always;
add_header X-XSS-Protection "1; mode=block" always; add_header X-XSS-Protection "1; mode=block" always;
add_header X-Download-Options "noopen" always;
add_header Permissions-Policy "geolocation=(),microphone=(),camera=()" always;
add_header Feature-Policy "geolocation none;microphone none;camera none;" always;
add_header Set-Cookie "Path=/; HttpOnly; Secure" always;
# Remove X-Powered-By, which is an information leak # Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By; fastcgi_hide_header X-Powered-By;