-
Notifications
You must be signed in to change notification settings - Fork 1
/
nginx.conf
40 lines (33 loc) · 1.65 KB
/
nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
server {
listen 5000;
server_name localhost;
root /usr/share/nginx/html;
index index.html index.htm;
location ~* \.(?:manifest|appcache|html?|xml|json)$ {
expires -1;
}
location ~* \.(?:css|js|svg)$ {
try_files $uri =404;
expires 1y;
access_log off;
add_header Cache-Control "public";
}
location ~ ^.+\..+$ {
try_files $uri =404;
}
location / {
try_files $uri $uri/ /index.html;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
add_header Content-Security-Policy "default-src 'none'; script-src 'self'; manifest-src 'self'; connect-src 'self' wss://*.meadstats.com https://*.meadstats.com; img-src 'self' data: untappd.akamaized.net gravatar.com *.wp.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; base-uri 'none'; form-action 'none'; report-uri https://meadstats.report-uri.com/r/d/csp/enforce";
add_header Feature-Policy "accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'";
add_header NEL "{\"report_to\":\"default\",\"max_age\":31536000,\"include_subdomains\":true}";
add_header Referrer-Policy "same-origin" always;
add_header Report-To "{\"group\":\"default\",\"max_age\":31536000,\"endpoints\":[{\"url\":\"https://meadstats.report-uri.com/a/d/g\"}],\"include_subdomains\":true}";
add_header X-Content-Type-Options "nosniff";
add_header X-Frame-Options "DENY";
add_header X-XSS-Protection "1; mode=block; report=https://meadstats.report-uri.com/r/d/xss/enforce";
}