{% if ansible_controlled is defined and ansible_controlled != "" %} # # {{ ansible_controlled }} # {% endif %} # # Various security rules # {% if nginx_security_xframeoptions %} # Clickjacking protection add_header X-Frame-Options "sameorigin"; {% endif %} {% if nginx_security_xxssprotection %} # Cross-site scripting (XSS) filter add_header X-XSS-Protection "1; mode=block"; {% endif %} {% if nginx_security_xcontenttypeoptions %} # Prevents from MIME-sniffing a response away from the declared content-type add_header X-Content-Type-Options "nosniff"; {% endif %}