khanh.pndc/odoo-docs
1
0
Fork 0
mirror of https://github.com/odoo/documentation.git synced 2025-12-12 07:29:27 +07:00
Code Issues Packages Projects Releases Wiki Activity

[IMP] admin: missing header with X-Accel-Redirect

Browse Source 
Nginx doesn't set the Content-Security-Policy and X-Content-Type-Options
headers on the response it sends to the browser even though they were
present on the response from the Odoo server.

closes odoo/documentation#15571

Signed-off-by: Julien Castiaux (juc) <juc@odoo.com>
This commit is contained in:
Julien Castiaux
2025-12-04 16:19:32 +01:00
parent f072d94a46
commit 4624403d76
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
content/administration/on_premise/deploy.rst
View File

@@ -533,6 +533,8 @@ X-Sendfile and X-Accel).
location /web/filestore { location /web/filestore {
internal; internal;
alias /path/to/odoo/data-dir/filestore; alias /path/to/odoo/data-dir/filestore;
add_header Content-Security-Policy $upstream_http_content_security_policy;
add_header X-Content-Type-Options nosniff;
} }
In case you don't know what is the path to your filestore, start Odoo with the In case you don't know what is the path to your filestore, start Odoo with the