Commit 64934a74 authored by Chris Hines's avatar Chris Hines
Browse files

extend teh hsts setting

parent c1518389
Pipeline #12074 passed with stages
in 6 minutes and 19 seconds
......@@ -3,7 +3,7 @@ location ~ /.* {
#alias /var/www/sv2/dist/sv2/;
try_files $uri$args $uri$args/ $uri/ /index.html;
add_header Content-Security-Policy "default-src 'self' *.cloud.cvl.org.au; style-src 'self' fonts.googleapis.com 'unsafe-inline'; font-src 'self' fonts.gstatic.com";
add_header Strict-Transport-Security "max-age=600; includeSubDomains" always;
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains" always;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment