1
0
angie-conv-image/angie/j2cfg.dist/headers-response-common.yml.j2

9 lines
613 B
Django/Jinja

{% if env.NGX_HTTP_TRANSPARENT_PROXY == '0' %}
response_headers:
Permissions-Policy: "accelerometer=(), autoplay=(), browsing-topics=(), camera=(), clipboard-read=(), clipboard-write=(), geolocation=(), gyroscope=(), hid=(), interest-cohort=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), sync-xhr=(), usb=()"
Referrer-Policy: "no-referrer-when-downgrade"
Strict-Transport-Security: "max-age=15724800; includeSubDomains; preload"
X-Content-Type-Options: "nosniff"
X-Frame-Options: "SAMEORIGIN"
X-XSS-Protection: "1; mode=block"
{% endif %}