khanh.pndc/odoo-docs
1
0
Fork 0
mirror of https://github.com/odoo/documentation.git synced 2025-12-12 07:29:27 +07:00
Code Issues Packages Projects Releases Wiki Activity

[IMP] admin: missing header with X-Accel-Redirect

Browse Source 
Nginx doesn't set the Content-Security-Policy and X-Content-Type-Options
headers on the response it sends to the browser even though they were
present on the response from the Odoo server.

closes odoo/documentation#15593

X-original-commit: 4624403d76
Signed-off-by: Julien Castiaux (juc) <juc@odoo.com>
This commit is contained in:
Julien Castiaux
2025-12-04 15:19:32 +00:00
parent 4427ec20cf
commit 3c47183774
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
content/administration/on_premise/deploy.rst
View File

@@ -533,6 +533,8 @@ X-Sendfile and X-Accel).
location /web/filestore { location /web/filestore {
internal; internal;
alias /path/to/odoo/data-dir/filestore; alias /path/to/odoo/data-dir/filestore;
add_header Content-Security-Policy $upstream_http_content_security_policy;
add_header X-Content-Type-Options nosniff;
} }
In case you don't know what is the path to your filestore, start Odoo with the In case you don't know what is the path to your filestore, start Odoo with the