updated config to handle reverse proxy

2024-10-15 16:42:59 -05:00
parent 496d8000b0
commit 190738faec
7 changed files with 55 additions and 19 deletions
--- a/nginx/nginxconfig.io/security.conf
+++ b/nginx/nginxconfig.io/security.conf
@@ -2,7 +2,7 @@
 add_header X-XSS-Protection          "1; mode=block" always;
 add_header X-Content-Type-Options    "nosniff" always;
 add_header Referrer-Policy           "no-referrer-when-downgrade" always;
-add_header Content-Security-Policy   "default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';" always;
+add_header Content-Security-Policy   "default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';" always;
 add_header Permissions-Policy        "interest-cohort=()" always;
 add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;