Set up a simple homepage with an auto-deploy tekton pipeline.
This commit is contained in:
Tom Alexander
16
docker/server/headers.include
Normal file
16
docker/server/headers.include
Normal file
@@ -0,0 +1,16 @@
|
||||
# Enable HTTP Strict Transport Security (HSTS) to force clients to
|
||||
# always connect via HTTPS (do not use if only testing)
|
||||
add_header Strict-Transport-Security "max-age=31536000;" always;
|
||||
# Enable cross-site filter (XSS) and tell browser to block detected
|
||||
# attacks
|
||||
add_header X-XSS-Protection "1; mode=block" always;
|
||||
# Prevent some browsers from MIME-sniffing a response away from the
|
||||
# declared Content-Type
|
||||
add_header X-Content-Type-Options "nosniff" always;
|
||||
# Disallow the site to be rendered within a frame (clickjacking
|
||||
# protection)
|
||||
add_header X-Frame-Options "DENY" always;
|
||||
|
||||
# Surrogate Control sets CDN caching behavior.
|
||||
add_header Surrogate-Control "public, max-age=86400";
|
||||
add_header Cache-Control "public, max-age=120";
|
||||
Reference in New Issue
Block a user