only allow x-frame to /video/embed path for security
This commit is contained in:
parent
174c8658d0
commit
e200a3bbb5
|
@ -1,4 +1,5 @@
|
|||
proxy_hide_header X-Frame-Options;
|
||||
add_header X-Frame-Options https://__DOMAIN__/videos/embed;
|
||||
|
||||
location ~ ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$ {
|
||||
add_header Cache-Control "public, max-age=31536000, immutable";
|
||||
|
||||
|
|
Loading…
Reference in New Issue