Interanet/jitsi-meet-deployment
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

web: set security headers also for non HTTPS

Browse Source 
Fixes: #493
This commit is contained in:
Jakub Onderka
2020-07-22 17:23:23 +02:00
committed by GitHub
parent e6586f2ad2
commit 2a0120de8b
2 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
web/rootfs/defaults/ssl.conf
View File

@@ -20,5 +20,3 @@ ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-
# headers
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";