From d7862918a64ad38aa10059f8b952b1476d950114 Mon Sep 17 00:00:00 2001 From: Franziska Kunsmann Date: Tue, 18 Aug 2020 15:07:43 +0200 Subject: [PATCH] bundles/nginx: set default X-Frame-Options to SAMEORIGIN --- bundles/nginx/files/site_template | 2 +- nodes/htz/ex42-1048908.py | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/bundles/nginx/files/site_template b/bundles/nginx/files/site_template index 7ce70ec..8a316e1 100644 --- a/bundles/nginx/files/site_template +++ b/bundles/nginx/files/site_template @@ -22,7 +22,7 @@ server { % if not do_not_set_content_security_headers: add_header Referrer-Policy same-origin; - add_header X-Frame-Options "DENY"; + add_header X-Frame-Options "SAMEORIGIN"; add_header X-Content-Type-Options nosniff; % endif diff --git a/nodes/htz/ex42-1048908.py b/nodes/htz/ex42-1048908.py index b97e336..03b3ac9 100644 --- a/nodes/htz/ex42-1048908.py +++ b/nodes/htz/ex42-1048908.py @@ -151,7 +151,6 @@ nodes['htz.ex42-1048908'] = { }, 'vliedel.random.franzi.business': {}, 'webmail.mx0.kunbox.net': { - 'do_not_set_content_security_headers': True, 'index': 'index.php', 'php': True, },