mirror of https://github.com/bitwarden/server.git synced 2025-06-30 07:36:14 -05:00

include security headers

Kyle Spearrin
2018-08-31 12:55:54 -04:00
parent 566471cae8
commit aeca706302
5 changed files with 30 additions and 12 deletions


@ -10,6 +10,8 @@ RUN apt-get update \
COPY nginx.conf /etc/nginx
COPY proxy.conf /etc/nginx
COPY mime.types /etc/nginx
COPY security-headers.conf /etc/nginx
COPY security-headers-ssl.conf /etc/nginx
COPY entrypoint.sh /
RUN chmod +x /entrypoint.sh


@ -140,6 +140,9 @@ http {
map $uri $fido_content_type {
default "application/fido.trusted-apps+json";
}
# Security headers
include security-headers.conf;
# Include files in the sites-enabled folder. server{} configuration files should be
# placed in the sites-available folder, and then the configuration should be enabled
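Review bot: The `include security-headers.conf;` at `http` level only reaches responses from blocks that declare no `add_header` of their own, because nginx inherits `add_header` from the enclosing level only when the current level defines none. Any `server{}` or `location{}` under sites-enabled that sets even a single header will therefore drop all of these silently. A comment beside the include would record that, e.g. `# NOTE: a server/location block with its own add_header must re-include this file`. `security-headers-ssl.conf` is not included in this hunk; presumably it is pulled into the TLS server blocks by a file not shown on this page, which is worth confirming. The `http` block starts and ends outside the hunk.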


@ -0,0 +1,2 @@
# This will enforce HTTP browsing into HTTPS and avoid ssl stripping attack. 6 months age
add_header Strict-Transport-Security max-age=15768000;
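Review bot: `add_header` without the `always` parameter is emitted only on a fixed set of 2xx/3xx status codes, so 4xx/5xx responses would go out without HSTS; `add_header Strict-Transport-Security max-age=15768000 always;` covers them. The same applies to the four `add_header` lines in the security-headers.conf section below. `always` requires nginx 1.7.5 or later, and the base image version is not visible here, so check it first. The comment also slightly overstates the effect: HSTS does not redirect HTTP to HTTPS itself, it tells a browser that has already seen the header over HTTPS to refuse plain HTTP for the max-age period, so the first visit still depends on the server's own redirect.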


@ -0,0 +1,4 @@
add_header Referrer-Policy same-origin;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
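Review bot: This file carries no comments, unlike the HSTS file, and `X-XSS-Protection` in particular needs one: it only configures the legacy XSS filter of older browsers and current browsers ignore it, so it should not be read as the XSS defence. A line such as `# Legacy browsers only; script injection is controlled by Content-Security-Policy` above it would make that clear. No Content-Security-Policy is set in the files shown on this page; it may be set by the application or by a file outside this view, which is worth confirming.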