khanh.pndc/nextcloud-docs
1
0
Fork 0
mirror of https://github.com/nextcloud/documentation.git synced 2026-01-02 17:59:36 +07:00
Code Issues Packages Projects Releases Wiki Activity

Add Same-Origin update for Nginx

Browse Source 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
This commit is contained in:
Morris Jobke
2017-05-01 12:18:31 -03:00
parent 5a2d82ab17
commit 2b434c7fbd
2 changed files with 5 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
admin_manual/installation/nginx_nextcloud_9x.rst
View File

@@ -45,7 +45,6 @@ your nginx installation.
# add_header Strict-Transport-Security "max-age=15768000;
# includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
@@ -126,7 +125,6 @@ your nginx installation.
# add_header Strict-Transport-Security "max-age=15768000;
# includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
@@ -175,7 +173,6 @@ your nginx installation.
#add_header Strict-Transport-Security "max-age=15768000;
# includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
@@ -261,7 +258,6 @@ your nginx installation.
# add_header Strict-Transport-Security "max-age=15768000;
# includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;

7
admin_manual/release_notes.rst
View File

@@ -3,10 +3,13 @@ Nextcloud |version| Release Notes
=================================
Changes in 11
Changes in 12
-------------
tbd
* In the Nginx configuration the Same-Origin header was removed. This is now
handled in PHP and keeping it will result in a wrong header. Please remove
those lines in your Nginx config:
``add_header X-Frame-Options "SAMEORIGIN";``
Q & A
-----