
Move header options around to give onion sites better protection

Bob Mottram 7 anni fa
parent
commit
eec34f4740
1 ha cambiato i file con 5 aggiunte e 5 eliminazioni
  1. 5
    5
      src/freedombone-utils-web

+ 5
- 5
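--- a/src/freedombone-utils-web
+++ b/src/freedombone-utils-web
@@ -76,6 +76,10 @@ function nginx_disable_sniffing {
     filename=/etc/nginx/sites-available/$domain_name
     { echo '    add_header X-Frame-Options DENY;';
       echo '    add_header X-Content-Type-Options nosniff;';
+      echo '    add_header X-XSS-Protection "1; mode=block";';
+      echo '    add_header X-Robots-Tag none;';
+      echo '    add_header X-Download-Options noopen;';
+      echo '    add_header X-Permitted-Cross-Domain-Policies none;';
       echo ''; } >> "$filename"
 }
 
@@ -157,11 +161,7 @@ function nginx_ssl {
     else
         echo "    ssl_ciphers '$SSL_CIPHERS';" >> "$filename"
     fi
-    { echo "    add_header Content-Security-Policy \"default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'\";";
-      echo '    add_header X-XSS-Protection "1; mode=block";';
-      echo '    add_header X-Robots-Tag none;';
-      echo '    add_header X-Download-Options noopen;';
-      echo '    add_header X-Permitted-Cross-Domain-Policies none;'; } >> "$filename"
+    echo "    add_header Content-Security-Policy \"default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'\";" >> "$filename"
 
     #nginx_stapling $1
 }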