From 54261953e711e67e4ee28f788ea35bcab0e86654 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Wed, 30 Mar 2016 21:45:43 +0300
Subject: Set HTTP security headers.

See https://securityheaders.io .
---
 roles/common-web/files/etc/nginx/snippets/headers.conf | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 roles/common-web/files/etc/nginx/snippets/headers.conf

(limited to 'roles/common-web/files/etc/nginx/snippets/headers.conf')

diff --git a/roles/common-web/files/etc/nginx/snippets/headers.conf b/roles/common-web/files/etc/nginx/snippets/headers.conf
new file mode 100644
index 0000000..60e5ace
--- /dev/null
+++ b/roles/common-web/files/etc/nginx/snippets/headers.conf
@@ -0,0 +1,4 @@
+# https://securityheaders.io/
+add_header X-Frame-Options "SAMEORIGIN";
+add_header X-Content-Type-Options nosniff;
+add_header X-XSS-Protection "1; mode=block";
-- 
cgit v1.2.3