Unverified Commit d901d61f authored by Julien Bouquillon's avatar Julien Bouquillon 🐫 Committed by GitHub
Browse files

fix(ingress): add some security headers

parent 3c6862aa
{ {
"type": "static", "type": "static",
"name": "archifiltre-site", "name": "archifiltre-site",
"subdomain": "archifiltre" "subdomain": "archifiltre",
"annotations": {
"nginx.ingress.kubernetes.io/configuration-snippet": "more_set_headers \"Content-Security-Policy: default-src 'none'; connect-src 'self' https://*.gouv.fr; font-src 'self'; img-src 'self'; prefetch-src 'self' https://*.gouv.fr; script-src 'self' https://*.gouv.fr; frame-src 'self' https://*.gouv.fr; style-src 'self' 'unsafe-inline'\";\nmore_set_headers \"X-Frame-Options: deny\";\nmore_set_headers \"X-XSS-Protection: 1; mode=block\";\nmore_set_headers \"X-Content-Type-Options: nosniff\";"
} }
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment