Move header options around to give onion sites better protection

Bob Mottram 2018-03-05 17:39:06 +00:00
parent 5f8d2d9161
commit eec34f4740
1 changed files with 5 additions and 5 deletions


@ -76,6 +76,10 @@ function nginx_disable_sniffing {
filename=/etc/nginx/sites-available/$domain_name
{ echo ' add_header X-Frame-Options DENY;';
echo ' add_header X-Content-Type-Options nosniff;';
echo ' add_header X-XSS-Protection "1; mode=block";';
echo ' add_header X-Robots-Tag none;';
echo ' add_header X-Download-Options noopen;';
echo ' add_header X-Permitted-Cross-Domain-Policies none;';
echo ''; } >> "$filename"
}
@ -157,11 +161,7 @@ function nginx_ssl {
else
echo " ssl_ciphers '$SSL_CIPHERS';" >> "$filename"
fi
{ echo " add_header Content-Security-Policy \"default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'\";";
echo ' add_header X-XSS-Protection "1; mode=block";';
echo ' add_header X-Robots-Tag none;';
echo ' add_header X-Download-Options noopen;';
echo ' add_header X-Permitted-Cross-Domain-Policies none;'; } >> "$filename"
echo " add_header Content-Security-Policy \"default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'\";" >> "$filename"
#nginx_stapling $1
}
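Review bot: The Content-Security-Policy line kept in nginx_ssl (second hunk) is still the only CSP written, so server blocks that take their headers solely from nginx_disable_sniffing gain the four moved headers but no CSP; presumably those are the onion sites the commit title refers to, though the callers are not visible here. The policy cannot be moved as it stands, because `default-src https:` would block an http-only onion site's own resources, so an onion variant would need a source such as `'self'`. Separately, none of the add_header lines carry the `always` parameter, so nginx omits these headers on error responses such as 404 and 500; for example `echo ' add_header X-Frame-Options DENY always;';`. It is also worth a comment in nginx_disable_sniffing that any `location` block defining its own add_header stops inheriting these server-level ones. Both function bodies start outside the hunks shown.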