Diffstat (limited to 'hosts/vps')
-rw-r--r--hosts/vps/configuration.nix11
1 files changed, 10 insertions, 1 deletions
diff --git a/hosts/vps/configuration.nix b/hosts/vps/configuration.nix
index 0030da6..3e5f929 100644
--- a/hosts/vps/configuration.nix
+++ b/hosts/vps/configuration.nix
@@ -56,7 +56,16 @@
https "max-age=31536000; includeSubdomains; preload";
}
add_header Strict-Transport-Security $hsts_header;
- #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
+ add_header Content-Security-Policy
+ "default-src 'self'; \
+ script-src 'self'; \
+ style-src 'self'; \
+ img-src 'self' data:; \
+ font-src 'self'; \
+ connect-src 'self'; \
+ object-src 'none'; \
+ frame-ancestors 'none'; \
+ base-uri 'self';";
add_header 'Referrer-Policy' 'same-origin';
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
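Review bot: The new `add_header Content-Security-Policy` drops the `always` parameter that the removed commented-out line carried, so nginx will attach the policy only to its default set of success and redirect status codes and error pages will go out without a CSP; ending the directive with `base-uri 'self';" always;` restores that. Separately, the `\` at the end of each policy line is probably not a line continuation inside an nginx quoted string (nginx only unescapes a few sequences such as `\"` and `\\`), so the header value may contain literal backslashes and newlines. If so, browsers would likely discard every directive after `default-src 'self'`, which loses `frame-ancestors 'none'` and `base-uri 'self'` because neither falls back to `default-src`. Check the emitted header with `curl -sI` against the deployed host, and if the backslashes show up, build the value as a single line (for example by joining the directives on the Nix side). The surrounding nginx block starts and ends outside this hunk, so whether nested `location` blocks declare their own `add_header` and thereby drop these inherited headers cannot be judged from here.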