Mercurial > repos > other > Puppet

view modules/website/templates/https_core_conf.erb @ 373:c68883dde00b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Increase HSTS header duration Apparently 6 months isn't long enough and we need at least 12
author IBBoard <dev@ibboard.co.uk>
date Tue, 15 Jun 2021 19:30:24 +0100
parents 94f34831132d
children
line wrap: on
line source

Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
<%- if @csp -%>
Header always set Content-Security-Policy "upgrade-insecure-requests; <%= @csp_string %>"
<%- end -%>
<%- if @csp_report -%>
Header always set Content-Security-Policy-Report-Only "<%= @csp_report_string %>"
<%- end -%>
Header always set X-Xss-Protection "1; mode=block"
Header always set X-Content-Type-Options "nosniff"
Header always set X-Frame-Options "SAMEORIGIN"
Header always set Feature-Policy "interest-cohort 'none'; accelerometer 'none'; autoplay 'none'; battery 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none';"
Header always set Permissions-Policy "interest-cohort=(); accelerometer=(); autoplay=(); battery=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=();"

<If "%{HTTP_HOST} != '<%= @primary_name %>'">
	Redirect permanent "/" "https://<%= @primary_name %>/"
</If>