Upstream/bitwarden-server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2024-11-28 13:15:12 +01:00
Code Issues Projects Releases Wiki Activity

add X-Frame-Options specifically

Browse Source
This commit is contained in:
Kyle Spearrin 2018-08-31 22:37:49 -04:00
parent 2562d5a40d
commit 6b8fdc1a98
2 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
util/Nginx/security-headers.conf
View File

@ -1,4 +1,3 @@
add_header Referrer-Policy same-origin; add_header Referrer-Policy same-origin;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block"; add_header X-XSS-Protection "1; mode=block";

6
util/Setup/Templates/NginxConfig.hbs
View File

@ -55,6 +55,7 @@ server {
{{/if}} {{/if}}
include /etc/nginx/security-headers.conf; include /etc/nginx/security-headers.conf;
add_header Content-Security-Policy "{{{ContentSecurityPolicy}}}"; add_header Content-Security-Policy "{{{ContentSecurityPolicy}}}";
add_header X-Frame-Options SAMEORIGIN;
} }
location = /app-id.json { location = /app-id.json {
@ -103,5 +104,10 @@ server {
location /admin { location /admin {
proxy_pass http://admin:5000; proxy_pass http://admin:5000;
{{#if Ssl}}
include /etc/nginx/security-headers-ssl.conf;
{{/if}}
include /etc/nginx/security-headers.conf;
add_header X-Frame-Options SAMEORIGIN;
} }
} }