Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/nextcloud/server.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/.htaccess
diff options
context:
space:
mode:
Diffstat (limited to '.htaccess')
-rw-r--r--.htaccess17
1 files changed, 17 insertions, 0 deletions
diff --git a/.htaccess b/.htaccess
index 8b91422755c..87280cc9e01 100644
--- a/.htaccess
+++ b/.htaccess
@@ -11,13 +11,30 @@
<IfModule mod_env.c>
# Add security and privacy related headers
+
+ # Avoid doubled headers by unsetting headers in "onsuccess" table,
+ # then add headers to "always" table: https://github.com/nextcloud/server/pull/19002
+ Header onsuccess unset Referrer-Policy
Header always set Referrer-Policy "no-referrer"
+
+ Header onsuccess unset X-Content-Type-Options
Header always set X-Content-Type-Options "nosniff"
+
+ Header onsuccess unset X-Download-Options
Header always set X-Download-Options "noopen"
+
+ Header onsuccess unset X-Frame-Options
Header always set X-Frame-Options "SAMEORIGIN"
+
+ Header onsuccess unset X-Permitted-Cross-Domain-Policies
Header always set X-Permitted-Cross-Domain-Policies "none"
+
+ Header onsuccess unset X-Robots-Tag
Header always set X-Robots-Tag "none"
+
+ Header onsuccess unset X-XSS-Protection
Header always set X-XSS-Protection "1; mode=block"
+
SetEnv modHeadersAvailable true
</IfModule>
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-25 01:16:04 +0300