| 1234567891011121314151617181920212223 |
- {% if ansible_controlled is defined and ansible_controlled != "" %}
- #
- # {{ ansible_controlled }}
- #
- {% endif %}
- #
- # Various security rules
- #
- {% if nginx_security_xframeoptions %}
- # Clickjacking protection
- add_header X-Frame-Options "sameorigin";
- {% endif %}
- {% if nginx_security_xxssprotection %}
- # Cross-site scripting (XSS) filter
- add_header X-XSS-Protection "1; mode=block";
- {% endif %}
- {% if nginx_security_xcontenttypeoptions %}
- # Prevents from MIME-sniffing a response away from the declared content-type
- add_header X-Content-Type-Options "nosniff";
- {% endif %}
|
