|
@@ -138,6 +138,11 @@ function nginx_ssl {
|
138
|
138
|
echo " ssl_protocols $SSL_PROTOCOLS;" >> $filename
|
139
|
139
|
echo " ssl_ciphers '$SSL_CIPHERS';" >> $filename
|
140
|
140
|
echo " add_header Content-Security-Policy \"default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'\";" >> $filename
|
|
141
|
+ echo ' add_header X-XSS-Protection "1; mode=block";' >> $filename
|
|
142
|
+ echo ' add_header X-Robots-Tag none;' >> $filename
|
|
143
|
+ echo ' add_header X-Download-Options noopen;' >> $filename
|
|
144
|
+ echo ' add_header X-Permitted-Cross-Domain-Policies none;' >> $filename
|
|
145
|
+
|
141
|
146
|
#nginx_stapling $1
|
142
|
147
|
}
|
143
|
148
|
|