mirrors/mempool
1
0
Fork 0
mirror of https://github.com/mempool/mempool.git synced 2024-11-19 01:41:01 +01:00
Code Issues Projects Releases Wiki Activity

ops: Don't always set frameoptions in nginx

Browse Source
This commit is contained in:
wiz 2024-10-23 22:12:26 +09:00
parent c8ce4631e2
commit cb63d17a2f
No known key found for this signature in database
GPG Key ID: A394E332255A6173
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
production/nginx/server-common.conf
View File

@ -8,8 +8,11 @@ add_header Onion-Location http://$onion.onion$request_uri;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
# generate frame configuration from origin header
set $frameOptions "DENY";
set $contentSecurityPolicy "frame-ancestors 'none'";
if ($frameOptions = '')
{
set $frameOptions "DENY";
set $contentSecurityPolicy "frame-ancestors 'none'";
}
# used for iframes on https://mempool.space/network
if ($http_referer ~ ^https://mempool.space/)