content security policy

2019-08-21 15:01:22 +00:00
parent 1e642e2f13
commit 0b703ea559
3 changed files with 10 additions and 1 deletions
--- a/confs/content-security-policy.conf
+++ b/confs/content-security-policy.conf
@@ -0,0 +1 @@
+more_set_headers "Content-Security-Policy: %CONTENT_SECURITY_POLICY%";
--- a/confs/server.conf
+++ b/confs/server.conf
@@ -17,7 +17,7 @@ server {
 	%X_FRAME_OPTIONS%
 	%X_XSS_PROTECTION%
 	%X_CONTENT_TYPE_OPTIONS%
-	# TODO : CSP
+	%CONTENT_SECURITY_POLICY%
 	%REFERRER_POLICY%
 	%FEATURE_POLICY%
 	%BLOCK_COUNTRY%
				`@@ -0,0 +1 @@`
				`more_set_headers "Content-Security-Policy: %CONTENT_SECURITY_POLICY%";`