deblan
/
peertube_ynh
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

only allow x-frame to /video/embed path for security

This commit is contained in:
anmol26s 2018-07-15 16:57:54 +05:30
parent 174c8658d0
commit e200a3bbb5
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
conf/nginx.conf
View File

@ -1,4 +1,5 @@
proxy_hide_header X-Frame-Options;
add_header X-Frame-Options https://__DOMAIN__/videos/embed;
location ~ ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$ {
add_header Cache-Control "public, max-age=31536000, immutable";