From af47d678f76cab3c9c3f00e664e8c306df0baa69 Mon Sep 17 00:00:00 2001
From: Dr Masroor Ehsan <masroore@gmail.com>
Date: Sun, 2 Feb 2025 00:44:27 +0600
Subject: [PATCH] nginx

---
 config/ohif/nginx/ohif.conf | 31 ++++++++++++++++---------------
 1 file changed, 16 insertions(+), 15 deletions(-)

diff --git a/config/ohif/nginx/ohif.conf b/config/ohif/nginx/ohif.conf
index 3df4733..ed14dd3 100644
--- a/config/ohif/nginx/ohif.conf
+++ b/config/ohif/nginx/ohif.conf
@@ -1,4 +1,13 @@
 location / {
+	add_header 'Access-Control-Allow-Credentials' 'true';
+	add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
+	add_header 'Access-Control-Allow-Methods' '*';
+	add_header 'Access-Control-Allow-Origin' '*';  
+
+	if ($request_method = OPTIONS ) {
+		return 200;
+	}
+
 	root /usr/share/nginx/html;
 	index index.html index.htm;
 	try_files $uri $uri/ /index.html;
@@ -8,23 +17,15 @@ location / {
 	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 	proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
 
-        if ($request_method = OPTIONS ) {
-            add_header 'Access-Control-Allow-Origin'  '*';
-	    add_header 'Access-Control-Allow-Credentials' 'true';
-            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, HEAD';
-            add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
-
-            return 200;
-        }
-
-        if ($request_method ~* '(GET|POST)') {
-            add_header 'Access-Control-Allow-Origin' '*';
-            add_header 'Access-Control-Allow-Credentials' 'true';
-        }
-
 	add_header Cross-Origin-Opener-Policy same-origin;
 	add_header Cross-Origin-Embedder-Policy require-corp;
 	add_header Cross-Origin-Resource-Policy same-origin;
+	
+	add_header Content-Security-Policy "upgrade-insecure-requests";
+	add_header X-Content-Type-Options "nosniff";
+	add_header Referrer-Policy "strict-origin-when-cross-origin";
+	add_header Strict-Transport-Security "max-age=1000";
+
 	add_header Cache-Control "no-store, no-cache, must-revalidate";
 }
 
@@ -52,5 +53,5 @@ location /orthanc/ {
 	add_header 'Access-Control-Allow-Credentials' 'true';
 	add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
 	add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
-	add_header 'Access-Control-Allow-Origin' '*';    
+	add_header 'Access-Control-Allow-Origin' '*';  
 }
\ No newline at end of file