Infra-Mirrors/docker-swag
1
0
Fork 0
mirror of https://github.com/linuxserver/docker-swag.git synced 2024-07-01 00:51:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #30 from linuxserver/frame-ancestors

Browse Source 
Set frame-ancestors in Content-Security-Policy
This commit is contained in:
aptalca 2020-10-29 12:07:07 -04:00 committed by GitHub
commit 3e3dccd836
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@ -322,6 +322,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
## Versions
* **29.10.20:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) ssl.conf - Add frame-ancestors to Content-Security-Policy.
* **04.10.20:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf, proxy.conf, and ssl.conf - Minor cleanups and reordering.
* **20.09.20:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf - Added geoip2 configs. Added MAXMINDDB_LICENSE_KEY variable to readme.
* **08.09.20:** - Add php7-xsl.

1
readme-vars.yml
View File

@ -149,6 +149,7 @@ app_setup_nginx_reverse_proxy_block: ""
# changelog
changelogs:
- { date: "29.10.20:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) ssl.conf - Add frame-ancestors to Content-Security-Policy." }
- { date: "04.10.20:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf, proxy.conf, and ssl.conf - Minor cleanups and reordering." }
- { date: "20.09.20:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf - Added geoip2 configs. Added MAXMINDDB_LICENSE_KEY variable to readme."}
- { date: "08.09.20:", desc: "Add php7-xsl." }

4
root/defaults/ssl.conf
View File

@ -1,4 +1,4 @@
## Version 2020/10/04 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/ssl.conf
## Version 2020/10/29 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/ssl.conf
### Mozilla Recommendations
# generated 2020-06-17, Mozilla Guideline v5.4, nginx 1.18.0-r0, OpenSSL 1.1.1g-r0, intermediate configuration
@ -40,7 +40,7 @@ ssl_early_data on;
# Optional additional headers
#add_header Cache-Control "no-transform" always;
#add_header Content-Security-Policy "upgrade-insecure-requests";
#add_header Content-Security-Policy "upgrade-insecure-requests; frame-ancestors 'self'";
#add_header Referrer-Policy "same-origin" always;
#add_header X-Content-Type-Options "nosniff" always;
#add_header X-Frame-Options "SAMEORIGIN" always;