security hardening
@@ -8,6 +8,15 @@
|
||||
# DEV — installed on linumiq-dev.myshopify.com
|
||||
invoice-app-dev.linumiq.com {
|
||||
encode zstd gzip
|
||||
# Security response headers. NOTE: deliberately no X-Frame-Options here —
|
||||
# this is an embedded Shopify app, and framing is governed by the
|
||||
# Content-Security-Policy `frame-ancestors` directive that the Shopify
|
||||
# library injects via addDocumentResponseHeaders (see app/entry.server.tsx).
|
||||
header {
|
||||
Strict-Transport-Security "max-age=31536000; includeSubDomains"
|
||||
X-Content-Type-Options nosniff
|
||||
Referrer-Policy strict-origin-when-cross-origin
|
||||
}
|
||||
reverse_proxy linumiq-invoice-dev:3000
|
||||
}
|
||||
|
||||
|
||||
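Review bot: Framing protection for this site now rests entirely on the upstream app, because the new `header` block sets no framing control and the comment defers to the `frame-ancestors` policy added by addDocumentResponseHeaders. Any response that does not pass through that function (resource routes, static assets, or error responses Caddy generates itself when the upstream is unreachable) would presumably carry no framing restriction at all. A default-only fallback inside the block, `?Content-Security-Policy "frame-ancestors 'none'"`, would cover those cases without replacing the policy the Shopify library sets, though it should be verified against a real embedded page load. Separately, the three fields are set without `defer`, so if the app ever emits the same fields the response may carry both values; adding `defer` to the block makes the proxy's value the one that is sent. Only the DEV site block is visible in this hunk, so whether the other site blocks in the file receive the same headers cannot be confirmed from here.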