diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2016-12-13 20:36:38 +0100 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2016-12-13 20:36:38 +0100 |
commit | 63b76b4deee43d586ee741415d03f5962e5fafc8 (patch) | |
tree | c50aa05d477723f605b7f7f4fe880030df780f98 | |
parent | b0869dd3b4e6f72060185b32f19d28351b560998 (diff) |
nginx: set Referrer-Policy HTTP header to "no-referrer".
-rw-r--r-- | roles/common-web/files/etc/nginx/snippets/headers.conf | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/roles/common-web/files/etc/nginx/snippets/headers.conf b/roles/common-web/files/etc/nginx/snippets/headers.conf index 60e5ace..798a151 100644 --- a/roles/common-web/files/etc/nginx/snippets/headers.conf +++ b/roles/common-web/files/etc/nginx/snippets/headers.conf @@ -1,4 +1,5 @@ # https://securityheaders.io/ +add_header Referrer-Policy no-referrer; add_header X-Frame-Options "SAMEORIGIN"; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; |