GitHub-Bitwarden
/
server
mirror of https://github.com/bitwarden/server.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

enabled X-Frame-Options header

pull/358/head
Kyle Spearrin 7 years ago
parent
d4c35a98b7
commit
566471cae8
1 changed files with 11 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 12
      util/Setup/Templates/NginxConfig.hbs

12
util/Setup/Templates/NginxConfig.hbs
Unescape View File

@ -47,7 +47,7 @@ server { @@ -47,7 +47,7 @@ server {
# Security headers
add_header Referrer-Policy same-origin;
#add_header X-Frame-Options SAMEORIGIN;
add_header X-Frame-Options SAMEORIGIN;
{{#if Ssl}}
add_header X-Content-Type-Options nosniff;
# This will enforce HTTP browsing into HTTPS and avoid ssl stripping attack. 6 months age
@ -67,6 +67,16 @@ server { @@ -67,6 +67,16 @@ server {
add_header Content-Type $fido_content_type;
}
location = /duo-connector.html {
proxy_pass http://web:5000/duo-connector.html;
proxy_hide_header X-Frame-Options;
}
location = /u2f-connector.html {
proxy_pass http://web:5000/u2f-connector.html;
proxy_hide_header X-Frame-Options;
}
location /attachments/ {
proxy_pass http://attachments:5000/;
}

Write Preview
Loading…
Cancel
Save