nginx
This commit is contained in:
parent
aa55ba0ff7
commit
af47d678f7
@ -1,4 +1,13 @@
|
|||||||
location / {
|
location / {
|
||||||
|
add_header 'Access-Control-Allow-Credentials' 'true';
|
||||||
|
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
|
||||||
|
add_header 'Access-Control-Allow-Methods' '*';
|
||||||
|
add_header 'Access-Control-Allow-Origin' '*';
|
||||||
|
|
||||||
|
if ($request_method = OPTIONS ) {
|
||||||
|
return 200;
|
||||||
|
}
|
||||||
|
|
||||||
root /usr/share/nginx/html;
|
root /usr/share/nginx/html;
|
||||||
index index.html index.htm;
|
index index.html index.htm;
|
||||||
try_files $uri $uri/ /index.html;
|
try_files $uri $uri/ /index.html;
|
||||||
@ -8,23 +17,15 @@ location / {
|
|||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
|
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
|
||||||
|
|
||||||
if ($request_method = OPTIONS ) {
|
|
||||||
add_header 'Access-Control-Allow-Origin' '*';
|
|
||||||
add_header 'Access-Control-Allow-Credentials' 'true';
|
|
||||||
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, HEAD';
|
|
||||||
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
|
|
||||||
|
|
||||||
return 200;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($request_method ~* '(GET|POST)') {
|
|
||||||
add_header 'Access-Control-Allow-Origin' '*';
|
|
||||||
add_header 'Access-Control-Allow-Credentials' 'true';
|
|
||||||
}
|
|
||||||
|
|
||||||
add_header Cross-Origin-Opener-Policy same-origin;
|
add_header Cross-Origin-Opener-Policy same-origin;
|
||||||
add_header Cross-Origin-Embedder-Policy require-corp;
|
add_header Cross-Origin-Embedder-Policy require-corp;
|
||||||
add_header Cross-Origin-Resource-Policy same-origin;
|
add_header Cross-Origin-Resource-Policy same-origin;
|
||||||
|
|
||||||
|
add_header Content-Security-Policy "upgrade-insecure-requests";
|
||||||
|
add_header X-Content-Type-Options "nosniff";
|
||||||
|
add_header Referrer-Policy "strict-origin-when-cross-origin";
|
||||||
|
add_header Strict-Transport-Security "max-age=1000";
|
||||||
|
|
||||||
add_header Cache-Control "no-store, no-cache, must-revalidate";
|
add_header Cache-Control "no-store, no-cache, must-revalidate";
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -52,5 +53,5 @@ location /orthanc/ {
|
|||||||
add_header 'Access-Control-Allow-Credentials' 'true';
|
add_header 'Access-Control-Allow-Credentials' 'true';
|
||||||
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
|
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
|
||||||
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
|
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
|
||||||
add_header 'Access-Control-Allow-Origin' '*';
|
add_header 'Access-Control-Allow-Origin' '*';
|
||||||
}
|
}
|
||||||
Loading…
Reference in New Issue
Block a user