tudor.stanciu/reverse-proxy-frontend
tudor.stanciu/reverse-proxy-frontend
1
0
Fork 0
mirror of https://dev.azure.com/tstanciu94/ReverseProxy/_git/ReverseProxy_Frontend synced 2025-10-03 16:49:04 +03:00
Code Issues 3 Packages Projects Releases Wiki Activity

Update Content-Security-Policy to enhance security by removing unnecessary directives

Browse Source
This commit is contained in:
Tudor Stanciu 2025-09-29 00:09:25 +03:00
parent 8c09c498e5
commit 89c0ab6690
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nginx.conf
View File

@ -43,7 +43,7 @@ http {
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Content-Security-Policy "default-src 'self' http: https: data: blob:; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: blob:" always;
add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;
# Static assets caching - works for any subfolder or root
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2)$ {