|
@@ -7,6 +7,8 @@
|
|
|
https://dashboard.NETMAKER_BASE_DOMAIN {
|
|
https://dashboard.NETMAKER_BASE_DOMAIN {
|
|
|
# Apply basic security headers
|
|
# Apply basic security headers
|
|
|
header {
|
|
header {
|
|
|
|
|
+ # Enable cross origin access to *.NETMAKER_BASE_DOMAIN
|
|
|
|
|
+ Access-Control-Allow-Origin *.NETMAKER_BASE_DOMAIN
|
|
|
# Enable HTTP Strict Transport Security (HSTS)
|
|
# Enable HTTP Strict Transport Security (HSTS)
|
|
|
Strict-Transport-Security "max-age=31536000;"
|
|
Strict-Transport-Security "max-age=31536000;"
|
|
|
# Enable cross-site filter (XSS) and tell browser to block detected attacks
|
|
# Enable cross-site filter (XSS) and tell browser to block detected attacks
|
dcarns