ansol
/
matrix-docker-ansible-deploy
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git
7
0
Fork 0
Code Issues Projects Releases Wiki Activity

Caddyfile example : enable Content-Security-Policy by default instead of having the line commented

This commit is contained in:
François Darveau 2022-10-11 07:32:02 -04:00
parent 21bed90e13
commit a061ea54b3
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
examples/caddy2/Caddyfile
View File

@ -177,7 +177,7 @@ element.DOMAIN.tld {
# # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type
# X-Content-Type-Options "nosniff"
# # Only allow same base domain to render this website in a frame; Can be removed if the client (Element for example) is hosted on another domain (clickjacking protection)
# # Content-Security-Policy frame-ancestors https://*.DOMAIN.tld
# Content-Security-Policy frame-ancestors https://*.DOMAIN.tld
# # X-Robots-Tag
# X-Robots-Tag "noindex, noarchive, nofollow"
# }
@ -214,7 +214,7 @@ element.DOMAIN.tld {
# X-Content-Type-Options "nosniff"
# # Only allow same base domain to render this website in a frame; Can be removed if the client (Element for example) is hosted on another domain
# # Content-Security-Policy frame-ancestors https://*.DOMAIN.tld
# Content-Security-Policy frame-ancestors https://*.DOMAIN.tld
#
# # Disable some features
# Feature-Policy "accelerometer 'none';ambient-light-sensor 'none'; autoplay 'none';camera 'none';encrypted-media 'none';focus-without-user-activation 'none'; geolocation 'none';gyroscope #'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none'; speaker 'none';sync-xhr 'none';usb 'none';vr 'none'"