ISTI-ansible-roles
/
ansible-role-nginx
4
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix the content-security header everywhere.

This commit is contained in:
Andrea Dell'Amico 2021-07-28 17:41:54 +02:00
parent 686d95fefe
commit 32c68b3a66
Signed by: adellam
GPG Key ID: 147ABE6CEB9E20FF
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
templates/nginx-virthost.j2
View File

@ -271,7 +271,7 @@ server {
{% endif %}
{% if nginx_set_content_security_options %}
proxy_hide_header Content-Security-Policy;
add_header Content-Security-Policy "frame-ancestors{% for l in nginx_content_security_acl %} {{ l }}{% endfor %};";
add_header Content-Security-Policy "frame-src{% for s in nginx_content_security_src_acl %} {{ s }}{% endfor %}; frame-ancestors{% for l in nginx_content_security_ancestor_acl %} {{ l }}{% endfor %};";
{% endif %}
server_tokens {{ item.server_tokens | default('off') }};