External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-10 15:32:07 -03:30
Code Issues Packages Projects Releases Wiki Activity

prevent click-jacking

Browse Source
This commit is contained in:
Chris Meyers 2017-01-03 10:46:42 -05:00
parent 2afdf35375
commit f794b1eb1f
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
config/awx-nginx.conf
View File

@ -76,6 +76,9 @@ http {
# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
add_header Strict-Transport-Security max-age=15768000;
# Protect against click-jacking https://www.owasp.org/index.php/Testing_for_Clickjacking_(OTG-CLIENT-009)
add_header X-Frame-Options "DENY";
location /favicon.ico { alias /var/lib/awx/public/static/favicon.ico; }
location /static { alias /var/lib/awx/public/static; }