Referrer-Policy, Content-Security-Policy

2025-08-09 14:07:27 +08:00 · 2018-02-23 01:40:17 +01:00
parent abae124a93
commit e088698bec
4 changed files with 86 additions and 39 deletions
--- a/public/templates/conf/_general.conf.html
+++ b/public/templates/conf/_general.conf.html
@@ -3,6 +3,10 @@ add_header X-Frame-Options "SAMEORIGIN" always;
 add_header X-XSS-Protection "1; mode=block" always;
 add_header X-Content-Type-Options "nosniff" always;
 add_header X-UA-Compatible "IE=Edge" always;
+add_header Referrer-Policy "{{ data.referrer_policy }}" always;<!--
+
+✔ CSP--><span ng-if="isCSP()">
+add_header Content-Security-Policy "{{ data.content_security_policy }}" always;</span>

 # . files
 location ~ /\. {