Adding NGINX Frame sameorigin

dbpolito · dbpolito · commit 8db79168e6b9 · 2021-05-04T11:41:43.000-03:00
diff --git a/7.1-nginx-prod/default.tmpl b/7.1-nginx-prod/default.tmpl
@@ -31,6 +31,9 @@ server {
         deny all;
     }
 
+    # good practices
+    add_header X-Frame-Options "SAMEORIGIN";
+
     # basic H5BP suggestions
     include h5bp/internet_explorer/x-ua-compatible.conf;
     include h5bp/security/referrer-policy.conf;
diff --git a/7.1-nginx/default.tmpl b/7.1-nginx/default.tmpl
@@ -31,6 +31,9 @@ server {
         deny all;
     }
 
+    # good practices
+    add_header X-Frame-Options "SAMEORIGIN";
+
     # basic H5BP suggestions
     include h5bp/internet_explorer/x-ua-compatible.conf;
     include h5bp/security/referrer-policy.conf;
diff --git a/7.2-nginx-prod/default.tmpl b/7.2-nginx-prod/default.tmpl
@@ -31,6 +31,9 @@ server {
         deny all;
     }
 
+    # good practices
+    add_header X-Frame-Options "SAMEORIGIN";
+
     # basic H5BP suggestions
     include h5bp/internet_explorer/x-ua-compatible.conf;
     include h5bp/security/referrer-policy.conf;
diff --git a/7.2-nginx/default.tmpl b/7.2-nginx/default.tmpl
@@ -31,6 +31,9 @@ server {
         deny all;
     }
 
+    # good practices
+    add_header X-Frame-Options "SAMEORIGIN";
+
     # basic H5BP suggestions
     include h5bp/internet_explorer/x-ua-compatible.conf;
     include h5bp/security/referrer-policy.conf;
diff --git a/7.3-nginx-prod/default.tmpl b/7.3-nginx-prod/default.tmpl
@@ -31,6 +31,9 @@ server {
         deny all;
     }
 
+    # good practices
+    add_header X-Frame-Options "SAMEORIGIN";
+
     # basic H5BP suggestions
     include h5bp/internet_explorer/x-ua-compatible.conf;
     include h5bp/security/referrer-policy.conf;
diff --git a/7.3-nginx/default.tmpl b/7.3-nginx/default.tmpl
@@ -31,6 +31,9 @@ server {
         deny all;
     }
 
+    # good practices
+    add_header X-Frame-Options "SAMEORIGIN";
+
     # basic H5BP suggestions
     include h5bp/internet_explorer/x-ua-compatible.conf;
     include h5bp/security/referrer-policy.conf;
diff --git a/7.4-nginx-prod/default.tmpl b/7.4-nginx-prod/default.tmpl
@@ -31,6 +31,9 @@ server {
         deny all;
     }
 
+    # good practices
+    add_header X-Frame-Options "SAMEORIGIN";
+
     # basic H5BP suggestions
     include h5bp/internet_explorer/x-ua-compatible.conf;
     include h5bp/security/referrer-policy.conf;
diff --git a/7.4-nginx/default.tmpl b/7.4-nginx/default.tmpl
@@ -31,6 +31,9 @@ server {
         deny all;
     }
 
+    # good practices
+    add_header X-Frame-Options "SAMEORIGIN";
+
     # basic H5BP suggestions
     include h5bp/internet_explorer/x-ua-compatible.conf;
     include h5bp/security/referrer-policy.conf;
diff --git a/8.0-nginx-prod/default.tmpl b/8.0-nginx-prod/default.tmpl
@@ -31,6 +31,9 @@ server {
         deny all;
     }
 
+    # good practices
+    add_header X-Frame-Options "SAMEORIGIN";
+
     # basic H5BP suggestions
     include h5bp/internet_explorer/x-ua-compatible.conf;
     include h5bp/security/referrer-policy.conf;
diff --git a/8.0-nginx/default.tmpl b/8.0-nginx/default.tmpl
@@ -31,6 +31,9 @@ server {
         deny all;
     }
 
+    # good practices
+    add_header X-Frame-Options "SAMEORIGIN";
+
     # basic H5BP suggestions
     include h5bp/internet_explorer/x-ua-compatible.conf;
     include h5bp/security/referrer-policy.conf;
diff --git a/template/default-tmpl.blade.php b/template/default-tmpl.blade.php
@@ -31,6 +31,9 @@
         deny all;
     }
 
+    # good practices
+    add_header X-Frame-Options "SAMEORIGIN";
+
     # basic H5BP suggestions
     include h5bp/internet_explorer/x-ua-compatible.conf;
     include h5bp/security/referrer-policy.conf;

Original file line number	Diff line number	Diff line change
`@@ -31,6 +31,9 @@ server {`
`31`	`31`	`deny all;`
`32`	`32`	`}`
`33`	`33`
	`34`	`+ # good practices`
	`35`	`+ add_header X-Frame-Options "SAMEORIGIN";`
	`36`	`+`
`34`	`37`	`# basic H5BP suggestions`
`35`	`38`	`include h5bp/internet_explorer/x-ua-compatible.conf;`
`36`	`39`	`include h5bp/security/referrer-policy.conf;`