Update recommended nginx config

Update recommended nginx config to allow iframes
close #234
This commit is contained in:
Trinity Pointard 2018-09-19 18:18:39 +02:00
parent fab6360100
commit f0fb030c7f

View File

@ -221,8 +221,7 @@ server {
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Content-Security-Policy "default-src 'self';";
add_header Content-Security-Policy "frame-ancestors 'self'";
add_header Content-Security-Policy "default-src 'self'; frame-ancestors 'self'; frame-src https:";
location ~* \.(jpg|jpeg|png|gif|ico|js|pdf)$ {
add_header Cache-Control "public";