Add headers to lepiller.eu configuration
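--- a/systems/hermes.scm
+++ b/systems/hermes.scm
@@ -54,7 +54,12 @@
 (index '("index.$language_suffix.html" "index.html"))
 (try-files '("$uri.$language_suffix.html" "$uri" "$uri/" "=404"))
 (raw-content
-'("set $first_language $http_accept_language;"
+'("add_header Strict-Transport-Security \"max-age=31536000; includeSubDomains\" always;"
+"add_header X-Frame-Options DENY;"
+"add_header X-Content-Type-Options nosniff;"
+"add_header Content-Security-Policy 'default-src \\'none\\'; img-src \\'self\\'; style-src \\'self\\' \\'unsafe-inline\\'; frame-ancestors \\'none\\'';"
+"add_header Referrer-Policy no-referrer;"
+"set $first_language $http_accept_language;"
 "if ($http_accept_language ~* '(en|eo|fr)') {"
 " set $first_language $1;"
 "}"
@@ -75,9 +80,14 @@
 " set $my_uri $1.$language_suffix.html;"
 "}"
 "location ~ \\.html$ {"
-" add_header Set-Cookie language=$language_suffix;"
-" expires off;"
+" add_header Set-Cookie 'language=$language_suffix;HttpOnly;Secure';"
 " add_header 'Cache-Control' 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';"
+" add_header Strict-Transport-Security \"max-age=31536000; includeSubDomains\" always;"
+" add_header X-Frame-Options DENY;"
+" add_header X-Content-Type-Options nosniff;"
+" add_header Content-Security-Policy 'default-src \\'none\\'; img-src \\'self\\'; style-src \\'self\\' \\'unsafe-inline\\'; frame-ancestors \\'none\\'';"
+" add_header Referrer-Policy no-referrer;"
+" expires off;"
 " try_files $my_uri $uri $uri/ =404;"
 "}"
 "error_page 404 /404;")))))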
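Review bot: The four headers added without `always` (X-Frame-Options, X-Content-Type-Options, Content-Security-Policy and Referrer-Policy, in both the server-level list and the `location ~ \\.html$` block) are emitted by nginx only on 2xx/3xx responses, so the `=404` and `error_page 404 /404;` responses would go out without the CSP and framing protections; only the HSTS line carries `always`. I would append it to each of them, e.g. `add_header X-Frame-Options DENY always;`. Repeating the full set inside the location is needed because nginx stops inheriting `add_header` lines once a level defines its own, and a short comment saying so would keep a later edit from removing the duplicates as redundant. The language cookie gains `HttpOnly;Secure` but no `SameSite` attribute; `SameSite=Lax` would be a reasonable addition if nothing cross-site needs to send it. The raw-content list is only partly visible here, so any other location outside these hunks that sets its own `add_header` would need the same set.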