1
0
mirror of https://github.com/ArcticFoxes-net/Synapse-Ubuntu-ZFS synced 2024-11-18 00:21:32 -05:00
Synapse-Ubuntu-ZFS/etc/nginx/headers.conf
Tommy 9ffe09b639
Update Permissions-Policy
Signed-off-by: Tommy <contact@tommytran.io>
2023-12-07 14:42:56 -07:00

24 lines
1.3 KiB
Plaintext

proxy_hide_header Strict-Transport-Security;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
proxy_hide_header Permissions-Policy;
add_header Permissions-Policy "accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), bluetooth=(), browsing-topics=(), camera=(), clipboard-read=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), speaker-selection=(), usb=(), sync-xhr=(), xr-spatial-tracking=()" always;
proxy_hide_header Referrer-Policy;
add_header Referrer-Policy "same-origin" always;
proxy_hide_header X-Content-Type-Options;
add_header X-Content-Type-Options "nosniff" always;
proxy_hide_header X-Frame-Options;
add_header X-Frame-Options "SAMEORIGIN" always;
proxy_hide_header X-XSS-Protection;
add_header X-XSS-Protection "0" always;
proxy_hide_header Cross-Origin-Resource-Policy;
add_header Cross-Origin-Resource-Policy cross-origin;
proxy_hide_header Cross-Origin-Opener-Policy;
add_header Cross-Origin-Opener-Policy same-origin;