kunsi/bundlewrap
1
0
Fork 0
Code Issues 1 Pull requests 1 Releases Activity

bundles/nginx: hide content security headers coming from php

Browse source
This commit is contained in:
Franzi 2023-09-02 20:49:05 +02:00
parent 72607adbfe
commit ea77c68e16
Signed by: kunsi
GPG key ID: 12E3D2136B818350
1 changed files with 8 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
bundles/nginx/files/site_template
View file

@ -149,9 +149,16 @@ server {
% endfor % endfor
% endif % endif
% if php: % if php:
location ~ \.php$ { location ~ \.php(?:$|/) {
include fastcgi.conf; include fastcgi.conf;
fastcgi_pass unix:/run/php/php${php_version}-fpm.sock; fastcgi_pass unix:/run/php/php${php_version}-fpm.sock;
% if not do_not_set_content_security_headers:
fastcgi_hide_header Referrer-Policy;
fastcgi_hide_header X-Frame-Options;
fastcgi_hide_header X-Content-Type-Options;
fastcgi_hide_header X-XSS-Protection;
% endif
fastcgi_hide_header Permissions-Policy;
} }
% if not max_body_size: % if not max_body_size:
client_max_body_size 5M; client_max_body_size 5M;