Add security headers to webserver

allegroai 2024-03-18 15:50:40 +02:00
parent 5189adf4f1
commit 5749ff0454


@ -29,7 +29,12 @@ server {
include /etc/nginx/default.d/*.conf;
location / {
try_files $uri$args $uri$args/ $uri index.html /index.html;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header Content-Security-Policy "frame-ancestors 'self'";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade";
try_files $uri $uri/ /index.html;
}
location /version.json {
@ -57,4 +62,4 @@ server {
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
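Review bot: Three of the five headers added in `location /` (Content-Security-Policy, X-XSS-Protection, Referrer-Policy) omit `always`, so nginx will leave them off error responses such as 404 or 50x; the CSP line would become `add_header Content-Security-Policy "frame-ancestors 'self'" always;` and the other two likewise. Because the directives sit inside `location /`, the other locations visible here (`/version.json`, `= /50x.html`) do not get them as far as this page shows, and any location that declares its own `add_header` stops inheriting from outer levels; setting them once at `server` level (the block opens outside the hunk) or in a shared include would cover responses more uniformly. `X-XSS-Protection "1; mode=block"` drives a legacy browser filter that current browsers have removed, so consider dropping it or sending `0`. The page lost its +/- markers and shows two `try_files` lines in this location; presumably the first is the removed one, which is worth confirming because nginx rejects a duplicate `try_files` in one block.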