add Referrer-Policy header

Robert Kaussow 2021-05-20 23:58:24 +02:00
parent d7918d59ac
commit 57217a7f08
GPG Key ID: 65362AE74AF98B61
2 changed files with 10 additions and 0 deletions


@ -74,6 +74,7 @@ nginx_tls_hsts_enabled: False
nginx_hsts_options:
- max-age=63072000
- includeSubDomains
- preload
nginx_xfo_enabled: True
nginx_xfo_policy: deny
@ -93,6 +94,9 @@ nginx_xxxsp_parameters:
- 1
- mode=block
nginx_rp_enabled: True
nginx_rp_option: strict-origin
nginx_maps: []
# @var nginx_maps:example: >
# nginx_maps:
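Review bot: The new defaults `nginx_rp_enabled` and `nginx_rp_option` have no `# @var` annotation, although the `nginx_maps` entry directly below them does; that these are the added lines is inferred from the hunk header, since the +/- column is not visible on this page. Because the option is written into the header verbatim, a description naming the accepted tokens would help, for example `# @var nginx_rp_option:description: Referrer-Policy value, e.g. no-referrer, same-origin, strict-origin, strict-origin-when-cross-origin`. Nothing visible here rejects a mistyped token, and browsers ignore a policy value they do not recognise, so a typo would silently leave the header without effect. It is also worth stating in that description that `strict-origin` trims same-origin referrers to the bare origin too, which matters if an application behind the proxy reads the full referring path.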


@ -27,3 +27,9 @@ add_header X-Content-Type-Options nosniff always;
{% if nginx_xxxsp_enabled %}
add_header X-XSS-Protection "{{ nginx_xxxsp_parameters | default([]) |join(' ; ') }}" always;
{% endif %}
# governs which referrer information, sent in the Referer header, should be included with requests made
# https://owasp.org/www-project-secure-headers/#referrer-policy
{% if nginx_rp_enabled %}
add_header Referrer-Policy "{{ nginx_rp_option }}" always;
{% endif %}
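Review bot: The added `add_header Referrer-Policy` line is subject to nginx's add_header inheritance rule, which the new comment does not mention: a `server` or `location` block that declares any `add_header` of its own no longer inherits the ones set at the enclosing level, so the policy would be dropped for responses from such blocks. Where this template is included is not visible in the hunk, so whether any vhost is affected cannot be confirmed from here. A line above the block such as `# NOTE: repeat or include these headers in any server/location that sets its own add_header` would make the limitation explicit for people writing vhost configs.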