Matrix-Mirrors/matrix.grapheneos.org
1
0
Fork 0
mirror of https://github.com/GrapheneOS/matrix.grapheneos.org.git synced 2024-12-18 20:34:39 -05:00
Code Issues Packages Projects Releases Wiki Activity

set up basic frame security headers

Browse Source
This commit is contained in:
Daniel Micay 2021-06-18 05:05:39 -04:00
parent f9a50f988a
commit 144698a02f
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
nginx/nginx.conf
View File

@ -89,6 +89,8 @@ http {
root /usr/share/webapps/element; root /usr/share/webapps/element;
include snippets/security-headers.conf; include snippets/security-headers.conf;
add_header Content-Security-Policy "frame-ancestors 'self'";
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Robots-Tag "none"; add_header X-Robots-Tag "none";
} }
@ -100,13 +102,19 @@ http {
root /var/empty; root /var/empty;
include snippets/security-headers.conf; include snippets/security-headers.conf;
add_header Content-Security-Policy "frame-ancestors 'none'";
add_header X-Frame-Options "DENY";
location = / { location = / {
return 301 https://grapheneos.org/articles/grapheneos-servers#matrix.grapheneos.org; return 301 https://grapheneos.org/articles/grapheneos-servers#matrix.grapheneos.org;
} }
location ~* ^(\/_matrix|\/_synapse\/client) { location ~* ^(\/_matrix|\/_synapse\/client) {
proxy_hide_header Content-Security-Policy;
proxy_hide_header X-Frame-Options;
include snippets/security-headers.conf; include snippets/security-headers.conf;
add_header Content-Security-Policy "frame-ancestors 'none'";
add_header X-Frame-Options "DENY";
add_header X-Robots-Tag "none"; add_header X-Robots-Tag "none";
proxy_pass http://backend; proxy_pass http://backend;