|
add_header Referrer-Policy 'no-referrer';
|
|
add_header X-Content-Type-Options "nosniff" always;
|
|
add_header X-Frame-Options SAMEORIGIN always;
|
|
add_header X-XSS-Protection "1; mode=block" always;
|
|
add_header Content-Security-Policy "upgrade-insecure-requests";
|
|
|
|
|
