Update recommended nginx config
Update recommended nginx config to allow iframes close #234
This commit is contained in:
parent
fab6360100
commit
f0fb030c7f
@ -221,8 +221,7 @@ server {
|
|||||||
add_header X-Frame-Options DENY;
|
add_header X-Frame-Options DENY;
|
||||||
add_header X-Content-Type-Options nosniff;
|
add_header X-Content-Type-Options nosniff;
|
||||||
add_header X-XSS-Protection "1; mode=block";
|
add_header X-XSS-Protection "1; mode=block";
|
||||||
add_header Content-Security-Policy "default-src 'self';";
|
add_header Content-Security-Policy "default-src 'self'; frame-ancestors 'self'; frame-src https:";
|
||||||
add_header Content-Security-Policy "frame-ancestors 'self'";
|
|
||||||
|
|
||||||
location ~* \.(jpg|jpeg|png|gif|ico|js|pdf)$ {
|
location ~* \.(jpg|jpeg|png|gif|ico|js|pdf)$ {
|
||||||
add_header Cache-Control "public";
|
add_header Cache-Control "public";
|
||||||
|
Loading…
Reference in New Issue
Block a user