Commit b0a0f5f5 authored by Hugo SUBTIL's avatar Hugo SUBTIL
Browse files

fix: wip on nginx configuration

parent c9a70408
......@@ -18,6 +18,9 @@ server {
listen 8080 default_server;
root /usr/share/nginx/html/;
server_tokens off;
set $matomo_script
"<script type='text/javascript'>
var _paq = window._paq = window._paq || [];
......@@ -32,6 +35,12 @@ server {
})();
</script>";
location ~ /index.html|.*\.json$ {
expires -1;
add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
}
location / {
# Redirect outdated nav
if ($outdated = 1){
......
add_header Strict-Transport-Security "max-age=31449600; includeSubDomains" always;
add_header Content-Security-Policy "object-src 'none'; script-src 'self' https://openlayers.org/en/v4.6.5/build/ol.js https://embed.typeform.com/embed.js; script-src-elem 'self' https://openlayers.org/en/v4.6.5/build/ol.js https://embed.typeform.com/embed.js; base-uri 'self'; style-src https://openlayers.org/en/v4.6.5/css/ol.css https://cdn.jsdelivr.net/npm/leaflet.locatecontrol@0.72.0/dist/L.Control.Locate.min.css 'unsafe-inline' 'self';" always;
add_header X-Frame-Options "DENY" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "strict-origin" always;
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment