From 16ec6f7a92b585f08e59b82b7b751155dc243ad6 Mon Sep 17 00:00:00 2001
From: Andrew Simonson <asimonson1125@gmail.com>
Date: Sun, 29 Jan 2023 11:16:38 -0600
Subject: [PATCH] add nginx security policies

---
 flask.conf | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/flask.conf b/flask.conf
index 3afc627..82c9ee8 100644
--- a/flask.conf
+++ b/flask.conf
@@ -2,8 +2,10 @@ server {
     listen      8080;
 
     server_name _;
+    add_header Content-Security-Policy "default-src 'self';";
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
 
-    return 301 https://asimonson.com$request_uri
+    return 301 https://asimonson.com$request_uri;
 
     location / {
         proxy_pass http://localhost:5000/;