From c7d1bdce2ef965f1a50de7ea4d6a08a3992c1b54 Mon Sep 17 00:00:00 2001 From: Daniel Micay Date: Wed, 14 Apr 2021 23:08:44 -0400 Subject: [PATCH] expand same-origin CORP header usage --- nginx/nginx.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/nginx/nginx.conf b/nginx/nginx.conf index a82c1dd1..0ea61b0a 100644 --- a/nginx/nginx.conf +++ b/nginx/nginx.conf @@ -231,6 +231,7 @@ http { location ~ "\.(ico|webmanifest)$" { include snippets/security-headers.conf; + add_header Cross-Origin-Resource-Policy "same-origin"; add_header Cache-Control "public, max-age=604800"; }