File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -11,6 +11,36 @@ http {
1111}
1212```
1313
14+ Running ` curl -IL http://example.com/ ` will yield additional headers:
15+
16+ ```
17+ HTTP/1.1 200 OK
18+ <Server: header removed>
19+ Date: Tue, 21 May 2019 16:15:46 GMT
20+ Content-Type: text/html; charset=UTF-8
21+ Vary: Accept-Encoding
22+ Accept-Ranges: bytes
23+ Connection: keep-alive
24+ X-Frame-Options: SAMEORIGIN <-----------
25+ X-XSS-Protection: 1; mode=block <-----------
26+ ```
27+
28+ Running ` curl -IL http://example.com/some.css ` (or ` some.js ` ) will yield additional headers:
29+
30+ ```
31+ HTTP/1.1 200 OK
32+ <Server: header removed>
33+ Date: Tue, 21 May 2019 16:15:46 GMT
34+ Content-Type: text/css; charset=UTF-8
35+ Vary: Accept-Encoding
36+ Accept-Ranges: bytes
37+ Connection: keep-alive
38+ X-Frame-Options: SAMEORIGIN <-----------
39+ X-XSS-Protection: 1; mode=block <-----------
40+ X-Content-Type-Options: nosniff <-----------
41+ ```
42+
43+
1444## Key Features
1545
1646* Plug-n-Play: the default set of security headers can be enabled with ` security_headers on; ` in your NGINX configuration
@@ -89,4 +119,4 @@ To compile the module into NGINX, run:
89119
90120Or you can compile it as dynamic module. In that case, use ` --add-dynamic-module ` instead, and load the module after compilation via:
91121
92- load_module modules/ngx_http_security_headers_module.so;
122+ load_module modules/ngx_http_security_headers_module.so;
You can’t perform that action at this time.
0 commit comments