add nginx security policies

2026-02-25 05:09:49 -06:00 · 2023-01-29 11:16:38 -06:00
parent 1a7612a976
commit 16ec6f7a92
1 changed files with 3 additions and 1 deletions
--- a/flask.conf
+++ b/flask.conf
@@ -2,8 +2,10 @@ server {
    listen      8080;

    server_name _;
+    add_header Content-Security-Policy "default-src 'self';";
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

-    return 301 https://asimonson.com$request_uri
+    return 301 https://asimonson.com$request_uri;

    location / {
        proxy_pass http://localhost:5000/;