fi/nix-infra
1
1
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Change Content-Security-Policy "frame-ancestors" from "none" to "self"

Browse source 
Fixes downloads in element-web
This commit is contained in:
fi 2024-11-20 05:46:40 +01:00
parent 16bff59994
commit 2ac5dd8b5d
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
config/hosts/web-public-2/virtualHosts/element.nekover.se.nix
View file

@ -72,7 +72,7 @@ in
add_header X-Frame-Options SAMEORIGIN; add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block"; add_header X-XSS-Protection "1; mode=block";
add_header Content-Security-Policy "frame-ancestors 'none'"; add_header Content-Security-Policy "frame-ancestors 'self'";
add_header Strict-Transport-Security "max-age=63072000" always; add_header Strict-Transport-Security "max-age=63072000" always;