msfjarvis/server-config
1
Fork 0
mirror of https://github.com/msfjarvis/server-config synced 2025-08-14 10:37:02 +05:30
Code Issues Projects Releases Packages Wiki Activity Actions

Caddyfile: stop serving X-Content-Type-Options header

Browse source 
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
This commit is contained in:
Harsh Shandilya 2020-04-24 16:08:18 +05:30
parent e5f4e081d4
commit f268a87d7d
No known key found for this signature in database
GPG key ID: 366D7BBAD1031E80
1 changed files with 0 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

3
Caddyfile
View file

@ -24,7 +24,6 @@
# Security related changes stolen from https://github.com/searx/searx-docker/blob/master/Caddyfile
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
X-XSS-Protection "1; mode=block"
X-Content-Type-Options "nosniff"
X-Frame-Options "SAMEORIGIN"
Feature-Policy "accelerometer 'none';ambient-light-sensor 'none'; autoplay 'none';camera 'none';encrypted-media 'none'; geolocation 'none';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none'; speaker 'none';sync-xhr 'none';usb 'none';vr 'none'"
Referrer-Policy "no-referrer"
@ -71,7 +70,6 @@ https://bin.msfjarvis.dev {
import proxy_config
}
header / {
-X-Content-Type-Options
-Content-Security-Policy
}
}
@ -108,7 +106,6 @@ https://mail.msfjarvis.dev {
to /forbidden
}
header / {
-X-Content-Type-Options
-Content-Security-Policy
}
}