only allow x-frame to /video/embed path for security
This commit is contained in:
parent
174c8658d0
commit
e200a3bbb5
|
@ -1,4 +1,5 @@
|
||||||
proxy_hide_header X-Frame-Options;
|
add_header X-Frame-Options https://__DOMAIN__/videos/embed;
|
||||||
|
|
||||||
location ~ ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$ {
|
location ~ ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$ {
|
||||||
add_header Cache-Control "public, max-age=31536000, immutable";
|
add_header Cache-Control "public, max-age=31536000, immutable";
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue