|
|
@ -204,6 +204,7 @@ server {
|
|
|
|
add_header 'Content-Length' 0;
|
|
|
|
add_header 'Content-Length' 0;
|
|
|
|
return 204;
|
|
|
|
return 204;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
add_header X-Content-Type-Options nosniff;
|
|
|
|
add_header Cache-Control max-age=31536000;
|
|
|
|
add_header Cache-Control max-age=31536000;
|
|
|
|
add_header 'Access-Control-Allow-Origin' "${allowed_origins}";
|
|
|
|
add_header 'Access-Control-Allow-Origin' "${allowed_origins}";
|
|
|
|
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
|
|
|
|
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
|
|
|
@ -216,6 +217,7 @@ server {
|
|
|
|
# these payloads are unlocked via login credentials. They are mutable
|
|
|
|
# these payloads are unlocked via login credentials. They are mutable
|
|
|
|
# and are thus never cached. They're small enough that it doesn't matter, in any case.
|
|
|
|
# and are thus never cached. They're small enough that it doesn't matter, in any case.
|
|
|
|
location ^~ /block/ {
|
|
|
|
location ^~ /block/ {
|
|
|
|
|
|
|
|
add_header X-Content-Type-Options nosniff;
|
|
|
|
add_header Cache-Control max-age=0;
|
|
|
|
add_header Cache-Control max-age=0;
|
|
|
|
try_files $uri =404;
|
|
|
|
try_files $uri =404;
|
|
|
|
}
|
|
|
|
}
|
|
|
|