frappe_docker/resources/core/nginx/security_headers.conf at 0cddb6f35becbf9027f67058ef8ffcc74c505321 - epistemophiliac/frappe_docker - Forgejo: Beyond coding. We Forge.

epistemophiliac/frappe_docker

mirror of https://github.com/frappe/frappe_docker.git synced 2026-06-17 13:55:08 +00:00

Rin 57287e9cff Refactor: Move shared security headers into a snippet and include it in server and files location blocks.

2026-03-16 23:11:41 +07:00

5 lines

324 B

Text

Raw Blame History

 add_header X-Frame-Options "SAMEORIGIN" always;
 add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
 add_header X-Content-Type-Options nosniff always;
 add_header X-XSS-Protection "1; mode=block" always;
 add_header Referrer-Policy "same-origin, strict-origin-when-cross-origin" always;