gaja-group
/
server-configs-nginx
mirror of https://github.com/h5bp/server-configs-nginx
2
0
Fork 0
Code Issues Releases Wiki Activity
server-configs-nginx/h5bp/directive-only
History
Leon Klingele 934eaf3f87 Always add security-relevant headers to the response, regardless of the response code (implements #147) 
From nginx' add_header documentation:
```
add_header Adds the specified field to a response header provided that
the response code equals 200, 201, 204, 206, 301, 302, 303, 304, or 307.
```
At least for all security-relevant headers this should not be the case
and the header should always be added.
 		2016-07-07 13:29:58 +02:00
..
cache-file-descriptors.conf Move config snippets around 2013-11-22 10:50:58 +00:00
cross-domain-insecure.conf Don't use invalid examples 2015-05-29 15:32:23 +02:00
extra-security.conf Always add security-relevant headers to the response, regardless of the response code (implements #147) 2016-07-07 13:29:58 +02:00
no-transform.conf Add info on ngx_pagespeed & content transformation 2014-10-23 14:08:00 +03:00
spdy.conf Correct syntax for keepalive_timeout 2016-03-14 10:25:01 +02:00
ssl-stapling.conf fix format. 2015-12-04 22:25:31 +08:00
ssl.conf Always add security-relevant headers to the response, regardless of the response code (implements #147) 2016-07-07 13:29:58 +02:00
x-ua-compatible.conf Remove Chrome Frame related comment 2014-09-03 15:16:05 +03:00