docs: remove the Strict-Transport-Security header from web server configurations
Some checks failed
Deploy Next.js application / deploy (push) Failing after 10m4s

This commit is contained in:
Dorian Niemiec 2024-11-08 17:24:30 +01:00
parent 5698071d47
commit d08cc6a168
2 changed files with 0 additions and 2 deletions

View file

@ -48,7 +48,6 @@ server {
listen 80; listen 80;
server_name _; server_name _;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
add_header x-content-type-options "nosniff"; add_header x-content-type-options "nosniff";
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo='; style-src 'self' 'unsafe-inline'; frame-src 'self' data:"; add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo='; style-src 'self' 'unsafe-inline'; frame-src 'self' data:";
add_header Referrer-Policy "strict-origin-when-cross-origin"; add_header Referrer-Policy "strict-origin-when-cross-origin";

View file

@ -21,7 +21,6 @@ Open the `/etc/svrjs-config.json` file in your preferred text editor, and alter
```json ```json
{ {
"customHeaders": { "customHeaders": {
"Strict-Transport-Security": "max-age=31536000; includeSubDomains; preload",
"x-content-type-options": "nosniff", "x-content-type-options": "nosniff",
"Content-Security-Policy": "default-src 'self'; script-src 'self' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo='; style-src 'self' 'unsafe-inline'; frame-src 'self' data:", "Content-Security-Policy": "default-src 'self'; script-src 'self' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo='; style-src 'self' 'unsafe-inline'; frame-src 'self' data:",
"Referrer-Policy": "strict-origin-when-cross-origin", "Referrer-Policy": "strict-origin-when-cross-origin",