tixie/nixcfg
1
0
Fork 0
forked from Deuxfleurs/nixcfg
Code Pull requests Activity

remove default HTTP CSP, put your CSP in your HTML

Browse source
This commit is contained in:
Quentin 2023-10-03 16:00:11 +02:00
parent 9e113416ac
commit 56e19ff2e5
Signed by untrusted user: quentin
GPG key ID: E9602264D639FF68
1 changed files with 0 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
cluster/prod/app/garage/deploy/garage.hcl
View file

@ -134,7 +134,6 @@ job "garage" {
tags = [ tags = [
"garage-web", "garage-web",
"tricot * 1", "tricot * 1",
"tricot-add-header Content-Security-Policy default-src https: 'unsafe-inline'; object-src 'none'",
"tricot-add-header Strict-Transport-Security max-age=63072000; includeSubDomains; preload", "tricot-add-header Strict-Transport-Security max-age=63072000; includeSubDomains; preload",
"tricot-add-header X-Frame-Options SAMEORIGIN", "tricot-add-header X-Frame-Options SAMEORIGIN",
"tricot-add-header X-XSS-Protection 1; mode=block", "tricot-add-header X-XSS-Protection 1; mode=block",