{% if ansible_prolog -%}
{% from 'templates/ansible/prolog.j2' import prolog with context %}
{{ prolog() }}
{% endif -%}
#
# Various security rules
#

{% if nginx_security_xframeoptions %}
# Clickjacking protection
add_header X-Frame-Options "sameorigin";
{% endif %}

{% if nginx_security_xxssprotection %}
# Cross-site scripting (XSS) filter
add_header X-XSS-Protection "1; mode=block";
{% endif %}

{% if nginx_security_xcontenttypeoptions %}
# Prevents from MIME-sniffing a response away from the declared content-type
add_header X-Content-Type-Options "nosniff";
{% endif %}