nginx: headers only main nginx

resolve the headers only in the NGINX that serves HTTPS and not in the container
author: Jesús <heckyel@hyperbola.info> 2021-10-25 15:17:48 -0500
committer: Jesús <heckyel@hyperbola.info> 2021-10-25 15:17:48 -0500
commit: 1693bd969b53b4d991f59b4257b0c42a665d14e0 (patch)
tree: 831803be1adbe5d78f1fb1dd65e075232f4eb1bb /gitolite-cgit/entrypoint.sh
parent: d28adfa17362cbb58b165317b2693c1433358b92 (diff)
download: gitolite-cgit-docker-1693bd969b53b4d991f59b4257b0c42a665d14e0.tar.lz
gitolite-cgit-docker-1693bd969b53b4d991f59b4257b0c42a665d14e0.tar.xz
gitolite-cgit-docker-1693bd969b53b4d991f59b4257b0c42a665d14e0.zip
1 files changed, 0 insertions, 11 deletions
diff --git a/gitolite-cgit/entrypoint.sh b/gitolite-cgit/entrypoint.sh
index e82154c..c1ec87f 100755
--- a/gitolite-cgit/entrypoint.sh
+++ b/gitolite-cgit/entrypoint.sh
@@ -328,17 +328,6 @@ EOF
     access_log off;
     error_log off;
 
-    # Aditional Security Headers
-
-    # ref: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
-    add_header X-Frame-Options DENY always;
-
-    # ref: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
-    add_header X-Content-Type-Options nosniff always;
-
-    # ref: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
-    add_header X-Xss-Protection "1; mode=block" always;
-
     root /usr/share/webapps/cgit;
     try_files \$uri @cgit;
author	Jesús <heckyel@hyperbola.info>	2021-10-25 15:17:48 -0500
committer	Jesús <heckyel@hyperbola.info>	2021-10-25 15:17:48 -0500
commit	1693bd969b53b4d991f59b4257b0c42a665d14e0 (patch)
tree	831803be1adbe5d78f1fb1dd65e075232f4eb1bb /gitolite-cgit/entrypoint.sh
parent	d28adfa17362cbb58b165317b2693c1433358b92 (diff)
download	gitolite-cgit-docker-1693bd969b53b4d991f59b4257b0c42a665d14e0.tar.lz gitolite-cgit-docker-1693bd969b53b4d991f59b4257b0c42a665d14e0.tar.xz gitolite-cgit-docker-1693bd969b53b4d991f59b4257b0c42a665d14e0.zip