Tomster/Vaultwarden-Docker-Compose
1
0
Fork 0
mirror of https://github.com/tommytran732/Vaultwarden-Docker-Compose synced 2024-09-19 17:34:42 -04:00
Code

Do not replace upstream permission policies

Browse Source 
Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2023-08-29 05:20:28 -07:00 committed by GitHub
parent 392db240f9
commit 6e0ed8522a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Caddyfile
View File

@ -30,7 +30,7 @@
# log, so that fail2ban can ban the correct IP. # log, so that fail2ban can ban the correct IP.
header_up X-Real-IP {remote_host} header_up X-Real-IP {remote_host}
header_down Strict-Transport-Security "max-age=63072000; includeSubdomains; preload" header_down Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
header_down Permissions-Policy "accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), clipboard-read=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), serial=(), usb=(), sync-xhr=(), xr-spatial-tracking=()" header_down +Permissions-Policy "hid=(), idle-detection=(), interest-cohort=(), serial=()"
header_down +Content-Security-Policy "upgrade-insecure-requests; block-all-mixed-content; base-uri 'none'" header_down +Content-Security-Policy "upgrade-insecure-requests; block-all-mixed-content; base-uri 'none'"
header_down X-XSS-Protection "0" header_down X-XSS-Protection "0"
header_down Cross-Origin-Opener-Policy same-origin header_down Cross-Origin-Opener-Policy same-origin