External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-03-10 22:19:28 -02:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3038 from Spredzy/x_frame_options

Browse Source 
Nginx: Specify X-Frame-Options "DENY" header

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
This commit is contained in:
softwarefactory-project-zuul[bot]
2019-01-21 15:31:44 +00:00
committed by GitHub
parent a2102c92ec 44c48d1d66
commit c48c8c04f4
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
installer/roles/image_build/templates/nginx.conf
View File

@@ -44,6 +44,9 @@ http {
# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months) # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
add_header Strict-Transport-Security max-age=15768000; add_header Strict-Transport-Security max-age=15768000;
# Protect against click-jacking https://www.owasp.org/index.php/Testing_for_Clickjacking_(OTG-CLIENT-009)
add_header X-Frame-Options "DENY";
location /nginx_status { location /nginx_status {
stub_status on; stub_status on;