Skip to content

Commit a6cd315

Browse files
nemchiknemchik
committed
Adjust Access-Control-Allow-Origin header
Signed-off-by: Eric Nemchik <eric@nemchik.com>
1 parent a58e188 commit a6cd315

1 file changed

Lines changed: 2 additions & 2 deletions

File tree

root/defaults/nginx/ssl.conf.sample

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -21,8 +21,8 @@ ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
2121

2222
### Mozilla Practical security implementation
2323
# https://developer.mozilla.org/en-US/docs/Web/Security
24-
#add_header Access-Control-Allow-Origin "*" always;
25-
#add_header Content-Security-Policy "upgrade-insecure-requests; base-uri 'self'; form-action 'self'; frame-ancestors 'self'" always;
24+
#add_header Access-Control-Allow-Origin $http_origin always;
25+
#add_header Content-Security-Policy "upgrade-insecure-requests; base-uri 'self'; form-action 'self'; frame-ancestors 'self';" always;
2626
#add_header Cross-Origin-Resource-Policy "same-origin" always;
2727
#add_header Referrer-Policy "same-origin" always;
2828
#add_header X-Content-Type-Options "nosniff" always;

0 commit comments

Comments
 (0)