Download:
Patch
child 78:869d3bf908e3
parent 76:58b888d4b0b4
77:767e10d88a24
Anton Shestakov <av6@dwimlabs.net>, Wed, 06 Apr 2016 13:06:28 +0800
provision: move X-Frame-Options header out of {% if ssl-enabled %} Because it's not a HTTPS-only feature, let's enable it always.
1 файлов изменено, 3 вставок(+), 3 удалений(-) [+]
provision/roles/fruitbar/templates/etc/nginx/sites-available/fruitbar file | annotate | diff | comparison | revisions 
--- a/provision/roles/fruitbar/templates/etc/nginx/sites-available/fruitbar	Wed Mar 02 21:42:54 2016 +0800
+++ b/provision/roles/fruitbar/templates/etc/nginx/sites-available/fruitbar	Wed Apr 06 13:06:28 2016 +0800
@@ -40,15 +40,15 @@
     resolver 8.8.8.8 [2001:4860:4860::8888] 8.8.4.4 [2001:4860:4860::8844];
     resolver_timeout 5s;
 
-    # access from <frame | iframe | object>: DENY | SAMEORIGIN | ALLOW-FROM uri
-    add_header X-Frame-Options 'SAMEORIGIN';
-
     # HSTS: 31536000 = 365 days (set to 0 to expire and allow plain HTTP)
     add_header Strict-Transport-Security 'max-age=31536000';
 
     add_header Cache-Control private;
 {% endif %}
 
+    # access from <frame | iframe | object>: DENY | SAMEORIGIN | ALLOW-FROM uri
+    add_header X-Frame-Options 'SAMEORIGIN';
+
     access_log /var/log/nginx/fruitbar.{{ umbrella }}.access.log;
     error_log /var/log/nginx/fruitbar.{{ umbrella }}.error.log;