From 05b1c1cf9b363fb0e542d17472b7e92dfd24a22e Mon Sep 17 00:00:00 2001
From: Kyle Spearrin <kyle.spearrin@gmail.com>
Date: Fri, 20 Jul 2018 14:13:24 -0400
Subject: [PATCH] move all security headers to web vault location

---
 util/Setup/NginxConfigBuilder.cs | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/util/Setup/NginxConfigBuilder.cs b/util/Setup/NginxConfigBuilder.cs
index 20229af25a..d3782eccd6 100644
--- a/util/Setup/NginxConfigBuilder.cs
+++ b/util/Setup/NginxConfigBuilder.cs
@@ -141,14 +141,13 @@ server {{
                 }
 
                 sw.WriteLine($@"
-  # Security headers
-  #add_header X-Frame-Options SAMEORIGIN;
-  add_header X-Content-Type-Options nosniff;
-  add_header X-XSS-Protection ""1; mode=block"";
-  add_header Referrer-Policy same-origin;
-
   location / {{
     proxy_pass http://web:5000/;
+    # Security headers
+    #add_header X-Frame-Options SAMEORIGIN;
+    add_header X-Content-Type-Options nosniff;
+    add_header X-XSS-Protection ""1; mode=block"";
+    add_header Referrer-Policy same-origin;
     add_header Content-Security-Policy ""{ContentSecurityPolicy}"";
   }}