External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-16 20:30:46 -03:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4561 from chrismeyersfsu/fix-4476

Browse Source 
prevent click-jacking
This commit is contained in:
Chris Meyers 2017-01-03 13:27:41 -05:00 committed by GitHub
commit 1acbbc3ebb
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
config/awx-nginx.conf
View File

@ -76,6 +76,9 @@ http {
# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
add_header Strict-Transport-Security max-age=15768000;
# Protect against click-jacking https://www.owasp.org/index.php/Testing_for_Clickjacking_(OTG-CLIENT-009)
add_header X-Frame-Options "DENY";
location /favicon.ico { alias /var/lib/awx/public/static/favicon.ico; }
location /static { alias /var/lib/awx/public/static; }