webinoly/templates/nginx/common/headers-html.conf

add_header Cache-Control "public, no-cache";
add_header Referrer-Policy "unsafe-url";

# The new Content-Security-Policy HTTP response header helps you reduce XSS risks on modern browsers by declaring what dynamic resources are allowed to load via a HTTP Header.
# https://content-security-policy.com/
#add_header Content-Security-Policy " ";
Initial release First commit to public release. 2017-09-16 20:37:13 +00:00			`add_header Cache-Control "public, no-cache";`
			`add_header Referrer-Policy "unsafe-url";`
http header warning Warning text for some HTTP headers. 2017-12-19 03:44:07 +00:00
			`# The new Content-Security-Policy HTTP response header helps you reduce XSS risks on modern browsers by declaring what dynamic resources are allowed to load via a HTTP Header.`
			`# https://content-security-policy.com/`
Initial release First commit to public release. 2017-09-16 20:37:13 +00:00			`#add_header Content-Security-Policy " ";`