From a71fafd7238138726720756723ad9b2f7f37f14a Mon Sep 17 00:00:00 2001
From: Edwin Lyon <53972157+practical-engelbart@users.noreply.github.com>
Date: Fri, 9 Oct 2020 20:47:00 -0700
Subject: [PATCH] Updated headers.

---
 nginx/snippets/headers.conf | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/nginx/snippets/headers.conf b/nginx/snippets/headers.conf
index 1896e36..0c2ede7 100644
--- a/nginx/snippets/headers.conf
+++ b/nginx/snippets/headers.conf
@@ -1,6 +1,5 @@
-add_header   Referrer-Policy 'no-referrer';
-add_header   X-Content-Type-Options "nosniff" always;  
-add_header   X-Frame-Options SAMEORIGIN always;  
-add_header   X-XSS-Protection "1; mode=block" always;
-add_header   Content-Security-Policy "upgrade-insecure-requests";
+add_header X-XSS-Protection "1; mode=block";
+add_header Referrer-Policy "no-referrer";  
+add_header Content-Security-Policy "upgrade-insecure-requests";
+add_header Permissions-Policy "geolocation=();midi=();notifications=(self);push=(self);sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();";