refactor: remove security headers from nginx configuration

2025-02-16 11:08:36 -03:00
parent 64ca3bedf4
commit d1a08d055a
1 changed files with 0 additions and 7 deletions
--- a/nginx.conf
+++ b/nginx.conf
@@ -4,13 +4,6 @@ server {
    root /usr/share/nginx/html;
    index index.html;

-    # Security headers
-    add_header X-XSS-Protection "1; mode=block";
-    add_header X-Content-Type-Options "nosniff";
-    add_header X-Frame-Options "SAMEORIGIN";
-    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline';";
-    add_header Referrer-Policy "strict-origin-when-cross-origin";
-
    location / {
        try_files $uri $uri/ /index.html;
    }