add Referrer-Policy header

Robert Kaussow 2021-05-20 23:58:24 +02:00
parent d7918d59ac
commit 57217a7f08
No known key found for this signature in database
GPG Key ID: 65362AE74AF98B61
2 changed files with 10 additions and 0 deletions


@ -74,6 +74,7 @@ nginx_tls_hsts_enabled: False
nginx_hsts_options: nginx_hsts_options:
- max-age=63072000 - max-age=63072000
- includeSubDomains - includeSubDomains
- preload
nginx_xfo_enabled: True nginx_xfo_enabled: True
nginx_xfo_policy: deny nginx_xfo_policy: deny
@ -93,6 +94,9 @@ nginx_xxxsp_parameters:
- 1 - 1
- mode=block - mode=block
nginx_rp_enabled: True
nginx_rp_option: strict-origin
nginx_maps: [] nginx_maps: []
# @var nginx_maps:example: > # @var nginx_maps:example: >
# nginx_maps: # nginx_maps:
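Review bot: The first hunk adds `- preload` to the default `nginx_hsts_options`, which is unrelated to the Referrer-Policy change in the title and deserves its own justification. With `includeSubDomains` and a two-year `max-age` already in the defaults, any host that turns on `nginx_tls_hsts_enabled` now advertises consent to browser preload-list inclusion. That is slow to reverse and breaks any subdomain not served over HTTPS. I would keep `preload` out of the defaults and document it as an opt-in, e.g. `# add "preload" only after confirming every subdomain serves HTTPS`. The new `nginx_rp_enabled` / `nginx_rp_option` variables also lack the `# @var` annotations that `nginx_maps` carries just below them.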


@ -27,3 +27,9 @@ add_header X-Content-Type-Options nosniff always;
{% if nginx_xxxsp_enabled %} {% if nginx_xxxsp_enabled %}
add_header X-XSS-Protection "{{ nginx_xxxsp_parameters | default([]) |join(' ; ') }}" always; add_header X-XSS-Protection "{{ nginx_xxxsp_parameters | default([]) |join(' ; ') }}" always;
{% endif %} {% endif %}
# governs which referrer information, sent in the Referer header, should be included with requests made
# https://owasp.org/www-project-secure-headers/#referrer-policy
{% if nginx_rp_enabled %}
add_header Referrer-Policy "{{ nginx_rp_option }}" always;
{% endif %}
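Review bot: `nginx_rp_option` is rendered straight into the `add_header Referrer-Policy` value with no check against the valid policy tokens, so a typo in an inventory yields a header that browsers ignore, silently falling back to their default policy. An assert in the role's tasks would catch this before deployment, e.g. `that: nginx_rp_option in ['no-referrer', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin']`, extended to whichever policies the role intends to support. Where this template is included is not visible in the hunk. If any `server` or `location` block defines its own `add_header`, nginx does not inherit these headers there, so it is worth confirming that the header appears on responses from such blocks.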