diff --git a/docs/example.nginx.conf b/docs/example.nginx.conf
index be56e10cd..6124b117a 100644
--- a/docs/example.nginx.conf
+++ b/docs/example.nginx.conf
@@ -204,6 +204,7 @@ server {
 add_header 'Content-Length' 0;
 return 204;
 }
+ add_header X-Content-Type-Options nosniff;
 add_header Cache-Control max-age=31536000;
 add_header 'Access-Control-Allow-Origin' "${allowed_origins}";
 add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
@@ -216,6 +217,7 @@ server {
 # these payloads are unlocked via login credentials. They are mutable
 # and are thus never cached. They're small enough that it doesn't matter, in any case.
 location ^~ /block/ {
+ add_header X-Content-Type-Options nosniff;
 add_header Cache-Control max-age=0;
 try_files $uri =404;
 }
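Review bot: In the hunk at line 204, `add_header X-Content-Type-Options nosniff;` has no `always` parameter, so nginx attaches it only to 200, 201, 204, 206, 301, 302, 303, 304, 307 and 308 responses. Error responses leave without the header, and the same holds for the line added in the `location ^~ /block/` hunk, where `try_files $uri =404;` produces exactly such a response. I would write both as `add_header X-Content-Type-Options nosniff always;`. The block that encloses the new line in this hunk starts and ends outside the hunk.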
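Review bot: The new line in `location ^~ /block/` needs a comment saying why the header is repeated per location rather than set once under `server`. nginx inherits `add_header` from the enclosing level only when the current level declares none, so a later cleanup that hoists this line would silently drop it from every location that sets its own `Cache-Control`. Something like `# repeated per location: add_header is not inherited once a block defines its own` above the added line would do. Other locations in this file that carry their own `add_header` lines are not visible in these hunks and presumably need the same line.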