
Move header options around to give onion sites better protection

Bob Mottram 7 years ago
parent
commit
eec34f4740
1 changed files with 5 additions and 5 deletions
  1. 5
    5
      src/freedombone-utils-web

+ 5
- 5
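--- a/src/freedombone-utils-web
+++ b/src/freedombone-utils-web
@@ -76,6 +76,10 @@
     filename=/etc/nginx/sites-available/$domain_name
     { echo '    add_header X-Frame-Options DENY;';
       echo '    add_header X-Content-Type-Options nosniff;';
+      echo '    add_header X-XSS-Protection "1; mode=block";';
+      echo '    add_header X-Robots-Tag none;';
+      echo '    add_header X-Download-Options noopen;';
+      echo '    add_header X-Permitted-Cross-Domain-Policies none;';
       echo ''; } >> "$filename"
 }
 
@@ -157,11 +161,7 @@
     else
         echo "    ssl_ciphers '$SSL_CIPHERS';" >> "$filename"
     fi
-    { echo "    add_header Content-Security-Policy \"default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'\";";
-      echo '    add_header X-XSS-Protection "1; mode=block";';
-      echo '    add_header X-Robots-Tag none;';
-      echo '    add_header X-Download-Options noopen;';
-      echo '    add_header X-Permitted-Cross-Domain-Policies none;'; } >> "$filename"
+    echo "    add_header Content-Security-Policy \"default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'\";" >> "$filename"
 
     #nginx_stapling $1
 }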
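Review bot: The Content-Security-Policy header is the one protection left behind in the second hunk, next to `ssl_ciphers`, so if that function is only called for TLS sites (its body starts outside the hunk, so this is inferred), onion sites still get no CSP after this change. The `default-src https:` policy would not suit an http-only onion site, but a scheme-neutral one could be written with the other headers in the first hunk, for example `echo "    add_header Content-Security-Policy \"default-src 'self'\";";`, to be tested per app since the existing policy permits inline scripts and styles. The moved headers are also emitted without the `always` parameter, so nginx leaves them off 4xx/5xx responses; `echo '    add_header X-Frame-Options DENY always;';` and likewise for the others would cover error pages. A short comment above the first block, such as `# headers for every site, onion included; the https-only CSP is written with the TLS settings`, would record why the split exists.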