[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
branch master updated: berlin/nginx: Disallow iframe embedding.
From: |
Ricardo Wurmus |
Subject: |
branch master updated: berlin/nginx: Disallow iframe embedding. |
Date: |
Wed, 07 Apr 2021 21:39:16 -0400 |
This is an automated email from the git hooks/post-receive script.
rekado pushed a commit to branch master
in repository maintenance.
The following commit(s) were added to refs/heads/master by this push:
new 1ac62fc berlin/nginx: Disallow iframe embedding.
1ac62fc is described below
commit 1ac62fcc312fbfd980507142d16104d715581d0f
Author: Ricardo Wurmus <rekado@elephly.net>
AuthorDate: Thu Apr 8 03:38:27 2021 +0200
berlin/nginx: Disallow iframe embedding.
* hydra/nginx/berlin.scm (%berlin-servers): Add
Content-Security-Policy header.
---
hydra/nginx/berlin.scm | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/hydra/nginx/berlin.scm b/hydra/nginx/berlin.scm
index d29146a..f6d3f9c 100644
--- a/hydra/nginx/berlin.scm
+++ b/hydra/nginx/berlin.scm
@@ -786,6 +786,8 @@ PUBLISH-URL."
(locations guix.gnu.org-locations)
(raw-content
(list
+ "add_header Content-Security-Policy \"frame-ancestors 'none'\";"
+
;; TODO This works around NGinx using the epoch for the
;; Last-Modified date, as well as the etag.
;; See http://issues.guix.gnu.org/37207
@@ -889,6 +891,8 @@ PUBLISH-URL."
(append
%tls-settings
(list
+ "add_header Content-Security-Policy \"frame-ancestors 'none'\";"
+
;; TODO This works around NGinx using the epoch for the
;; Last-Modified date, as well as the etag.
;; See http://issues.guix.gnu.org/37207
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- branch master updated: berlin/nginx: Disallow iframe embedding.,
Ricardo Wurmus <=