ab-nginx/config/headersSecurity.conf
2019-10-17 18:49:36 -06:00

12 lines
395 B
Plaintext

add_header Feature-Policy "geolocation 'self'";
add_header Referrer-Policy "strict-origin" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options noopen;
add_header X-Frame-Options DENY;
add_header X-Permitted-Cross-Domain-Policies none;
add_header X-UA-Compatible "IE=edge";
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Robots-Tag none;