bunkerweb 1.4.0

core/headers/confs/http/headers.conf

@@ -0,0 +1,4 @@
+map $scheme $header_cookie_secure {
+	default "";
+	"https" "secure";
+}

core/headers/confs/server-http/custom-headers.conf

@@ -0,0 +1,5 @@
+{% for k, v in all.items() +%}
+	{% if k.startswith("CUSTOM_HEADER") and v != "" +%}
+more_set_headers "{{ v }}";
+	{% endif %}
+{% endfor %}

core/headers/confs/server-http/remove-headers.conf

@@ -0,0 +1,5 @@
+{% if REMOVE_HEADERS != "" %}
+	{% for header in REMOVE_HEADERS.split(" ") +%}
+more_clear_headers '{{ header }}';
+	{% endfor %}
+{% endif %}

core/headers/confs/server-http/security-headers.conf

@@ -0,0 +1,39 @@
+{% if STRICT_TRANSPORT_SECURITY != "" and (AUTO_LETS_ENCRYPT == "yes" or USE_CUSTOM_HTTPS == "yes" or GENERATE_SELF_SIGNED_SSL == "yes") +%}
+more_set_headers "Strict-Transport-Security: {{ STRICT_TRANSPORT_SECURITY }}";
+{% endif +%}
+
+{% if COOKIE_FLAGS != "" +%}
+	{% if COOKIE_AUTO_SECURE_FLAG == "yes" and (AUTO_LETS_ENCRYPT == "yes" or USE_CUSTOM_HTTPS == "yes" or GENERATE_SELF_SIGNED_SSL == "yes") +%}
+set_cookie_flag {{ COOKIE_FLAGS }} secure;
+	{% else +%}
+set_cookie_flag {{ COOKIE_FLAGS }};
+	{% endif +%}
+{% endif +%}
+
+{% if CONTENT_SECURITY_POLICY != "" +%}
+more_set_headers "Content-Security-Policy: {{ CONTENT_SECURITY_POLICY }}";
+{% endif +%}
+
+{% if REFERRER_POLICY != "" +%}
+more_set_headers "Referrer-Policy: {{ REFERRER_POLICY }}";
+{% endif +%}
+
+{% if PERMISSIONS_POLICY != "" +%}
+more_set_headers "Permissions-Policy: {{ PERMISSIONS_POLICY }}";
+{% endif +%}
+
+{% if FEATURE_POLICY != "" +%}
+more_set_headers "Feature-Policy: {{ FEATURE_POLICY }}";
+{% endif +%}
+
+{% if X_FRAME_OPTIONS != "" +%}
+more_set_headers "X-Frame-Options: {{ X_FRAME_OPTIONS }}";
+{% endif +%}
+
+{% if X_CONTENT_TYPE_OPTIONS != "" +%}
+more_set_headers "X-Content-Type-Options: {{ X_CONTENT_TYPE_OPTIONS }}";
+{% endif +%}
+
+{% if X_XSS_PROTECTION != "" +%}
+more_set_headers "X-XSS-Protection: {{ X_XSS_PROTECTION }}";
+{% endif +%}