~kmcopper

Recent activity

[PATCH 1/1] nginx/http.conf: security headers 5 years ago

From Kyle Copperfield to ~sircmpwn/sr.ht-dev

- Strong defaults based on the mozilla ssl generator
- Commented out CSP (needs input on remote includes in sr.ht)
- XFO / XSS  / Content-Type all common headers
- Strict cross origin referrer policy to prevent data leaks
- Strict feature policies sr.ht does not need, with omissions for
potentially used features in the future
- DNS prefetch limitation on urls simply on the page
- upgrade insecure requests for remote includes, which should really be
blocked by the CSP anyway.
---
 nginx/http.conf | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/nginx/http.conf b/nginx/http.conf
[message trimmed]

[PATCH 0/1] sr.ht-etc nginx security headers 5 years ago

From Kyle Copperfield to ~sircmpwn/sr.ht-dev

This patch adds both security headers and strong cipher suites to the
nginx configuration of sr.ht

Kyle Copperfield (1):
  nginx/http.conf: security headers

 nginx/http.conf | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

-- 
2.24.0