Commit 534ea28b authored by Jan-Oliver Opdenhövel's avatar Jan-Oliver Opdenhövel
Browse files

Adding the XSS protection headers for Element

parent 4f5a8a44
......@@ -41,6 +41,11 @@ http {
location / {
root /usr/share/webapps/element;
index index.html;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Content-Security-Policy "frame-ancestors 'none'";
}
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment