Frontend: Add CSP header

Signed-off-by: Fred Boniface <fred@fjla.uk>
This commit is contained in:
Fred Boniface 2023-02-03 21:11:41 +00:00
parent 6cbd13893b
commit 94780521a6

View File

@ -27,6 +27,8 @@ http {
server_name localhost; server_name localhost;
proxy_cache owl_cache; proxy_cache owl_cache;
add_header Content-Security-Policy "default-src 'self'";
location / { location / {
root /site-static/; root /site-static/;
index index.html; index index.html;
@ -42,8 +44,6 @@ http {
proxy_cache_key $scheme://$host$uri$is_args$query_string; proxy_cache_key $scheme://$host$uri$is_args$query_string;
proxy_ignore_headers Cache-Control; proxy_ignore_headers Cache-Control;
proxy_cache_valid 200 2m; # Evaluate whether 2m or 1m is more appropriate proxy_cache_valid 200 2m; # Evaluate whether 2m or 1m is more appropriate
gzip on;
brotli on;
expires 2m; expires 2m;
add_header Cache-Control "private, no-transform"; add_header Cache-Control "private, no-transform";
} }