
Additional security policy settings for ttrss

Bob Mottram преди 7 години
родител
ревизия
645bcf9f34
променени са 1 файла, в които са добавени 10 реда и са изтрити 2 реда
  1. 10
    2
      src/freedombone-app-rss

+ 10
- 2
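--- a/src/freedombone-app-rss
+++ b/src/freedombone-app-rss
@@ -428,7 +428,11 @@ function install_rss_main {
     echo '    deny all;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '  }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
-    echo '  add_header X-Frame-Options DENY;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-XSS-Protection "1; mode=block";' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Robots-Tag none;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Download-Options noopen;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Permitted-Cross-Domain-Policies none;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Frame-Options SAMEORIGIN;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '  add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '  client_max_body_size 15m;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '}' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
@@ -482,7 +486,11 @@ function install_rss_main {
     echo '    deny all;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '  }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
-    echo '  add_header X-Frame-Options DENY;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-XSS-Protection "1; mode=block";' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Robots-Tag none;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Download-Options noopen;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Permitted-Cross-Domain-Policies none;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+    echo '  add_header X-Frame-Options SAMEORIGIN;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '  add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '  client_max_body_size 15m;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
     echo '}' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME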
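Review bot: The last added line in each hunk replaces `X-Frame-Options DENY` with `SAMEORIGIN`, which loosens the framing policy in a commit titled as additional hardening, and nothing next to the line says why. If the reader UI has to frame its own pages, record that above the echo, e.g. `# SAMEORIGIN rather than DENY: the app frames its own pages` (reason to be confirmed by the author); otherwise keep `DENY`. Separately, none of the `add_header` lines pass nginx's `always` parameter, so the headers are attached to success and redirect responses but not to error responses; `add_header X-Frame-Options SAMEORIGIN always;` (and likewise for the others) would cover those. Both points apply equally to the second hunk (`@@ -482,7 +486,11 @@`), and install_rss_main starts and ends outside both hunks.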