12.5.2. Add XSS protection headers on Nginx

Warning

You are looking at documentation for an older release. Not what you want? See the current release documentation.

Add the following line in the http or server part of your Nginx configuration :

        ...
        # XSS Protection
        add_header X-Frame-Options SAMEORIGIN;
        add_header X-XSS-Protection 1;
        add_header Content-Security-Policy "frame-ancestors 'self'"
        ...
        
Copyright ©. All rights reserved. eXo Platform SAS
blog comments powered byDisqus