From 1693bd969b53b4d991f59b4257b0c42a665d14e0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jes=C3=BAs?= Date: Mon, 25 Oct 2021 15:17:48 -0500 Subject: nginx: headers only main nginx resolve the headers only in the NGINX that serves HTTPS and not in the container --- gitolite-cgit/entrypoint.sh | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/gitolite-cgit/entrypoint.sh b/gitolite-cgit/entrypoint.sh index e82154c..c1ec87f 100755 --- a/gitolite-cgit/entrypoint.sh +++ b/gitolite-cgit/entrypoint.sh @@ -328,17 +328,6 @@ EOF access_log off; error_log off; - # Aditional Security Headers - - # ref: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options - add_header X-Frame-Options DENY always; - - # ref: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options - add_header X-Content-Type-Options nosniff always; - - # ref: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection - add_header X-Xss-Protection "1; mode=block" always; - root /usr/share/webapps/cgit; try_files \$uri @cgit; -- cgit v1.2.3