From d1e0dfad9c7062838bc61f79a922ec2617fdcdcb Mon Sep 17 00:00:00 2001 From: Edwin Lyon <53972157+practical-engelbart@users.noreply.github.com> Date: Thu, 5 Nov 2020 18:24:36 -0800 Subject: [PATCH] Update nginx.conf --- nginx/nginx.conf | 33 +++++++++++++++++---------------- 1 file changed, 17 insertions(+), 16 deletions(-) diff --git a/nginx/nginx.conf b/nginx/nginx.conf index e766aed..4c5f728 100644 --- a/nginx/nginx.conf +++ b/nginx/nginx.conf @@ -26,27 +26,28 @@ http { include /etc/nginx/mime.types; default_type application/octet-stream; - - map $sent_http_content_type $content_security_policy { - ~*text/(html|javascript)|application/pdf|xml "default-src 'self'; base-uri 'none'; form-action 'self'; frame-ancestors 'none'; upgrade-insecure-requests"; - } + + # Optional mapping rules + #map $sent_http_content_type $content_security_policy { + # ~*text/(html|javascript)|application/pdf|xml "default-src 'self'; base-uri 'none'; form-action 'self'; frame-ancestors 'none'; upgrade-insecure-requests"; + #} - map $sent_http_content_type $referrer_policy { - ~*text/(css|html|javascript)|application\/pdf|xml "strict-origin-when-cross-origin"; - } + #map $sent_http_content_type $referrer_policy { + # ~*text/(css|html|javascript)|application\/pdf|xml "strict-origin-when-cross-origin"; + #} - map $sent_http_content_type $cors { + #map $sent_http_content_type $cors { #Images - ~*image/ "*"; + # ~*image/ "*"; #Web fonts - ~*font/ "*"; - ~*application/vnd.ms-fontobject "*"; - ~*application/x-font-ttf "*"; - ~*application/font-woff "*"; - ~*application/x-font-woff "*"; - ~*application/font-woff2 "*"; - } + # ~*font/ "*"; + # ~*application/vnd.ms-fontobject "*"; + # ~*application/x-font-ttf "*"; + # ~*application/font-woff "*"; + # ~*application/x-font-woff "*"; + # ~*application/font-woff2 "*"; + #} ## # SSL Settings