
Additional security policy settings for ttrss

Bob Mottram 7 years ago
parent
commit
645bcf9f34
1 changed files with 10 additions and 2 deletions
  1. 10
    2
      src/freedombone-app-rss

+ 10
- 2
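--- a/src/freedombone-app-rss
+++ b/src/freedombone-app-rss
@@ -428,7 +428,11 @@ function install_rss_main {
     echo '    deny all;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '  }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
-    echo '  add_header X-Frame-Options DENY;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-XSS-Protection "1; mode=block";' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Robots-Tag none;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Download-Options noopen;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Permitted-Cross-Domain-Policies none;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Frame-Options SAMEORIGIN;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '  add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '  client_max_body_size 15m;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '}' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
@@ -482,7 +486,11 @@ function install_rss_main {
     echo '    deny all;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '  }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
-    echo '  add_header X-Frame-Options DENY;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-XSS-Protection "1; mode=block";' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Robots-Tag none;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Download-Options noopen;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Permitted-Cross-Domain-Policies none;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Frame-Options SAMEORIGIN;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '  add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '  client_max_body_size 15m;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '}' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME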
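Review bot: None of the new `add_header` lines carries the `always` parameter, so nginx attaches these headers only to 2xx/3xx responses and an error page (4xx/5xx) served for ttrss goes out without X-Frame-Options or X-Content-Type-Options; on nginx 1.7.5 or newer each emitted directive should end in `always;`. The directives are also written at server level, and nginx does not inherit server-level `add_header` into any `location` that declares its own `add_header`, so the `deny all` location just above (and any location outside the hunk) needs checking for that. `X-XSS-Protection "1; mode=block"` is a legacy, browser-specific filter that current browsers ignore, a `Content-Security-Policy` header being the durable replacement, and the relaxation of X-Frame-Options from DENY to SAMEORIGIN deserves a one-line comment naming what in ttrss needs same-origin framing. The same block is duplicated verbatim in the second hunk, so one loop over the header strings, used in both places, keeps the two server blocks in sync; install_rss_main starts and ends outside the hunk.
```shell
    # … unchanged: deny-all location block and blank line …
    # 'always' (nginx >= 1.7.5) also sets the header on 4xx/5xx responses;
    # SAMEORIGIN rather than DENY because <reason ttrss needs self-framing>
    for rss_header in \
        'X-XSS-Protection "1; mode=block"' \
        'X-Robots-Tag none' \
        'X-Download-Options noopen' \
        'X-Permitted-Cross-Domain-Policies none' \
        'X-Frame-Options SAMEORIGIN' \
        'X-Content-Type-Options nosniff'; do
        echo "  add_header $rss_header always;" >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
    done
    echo '  client_max_body_size 15m;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
```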