khanh.pndc/odoo-docs
1
0
Fork 0
mirror of https://github.com/odoo/documentation.git synced 2025-12-12 07:29:27 +07:00
Code Issues Packages Projects Releases Wiki Activity

[IMP] admin: missing header with X-Accel-Redirect

Browse Source 
Nginx doesn't set the Content-Security-Policy and X-Content-Type-Options
headers on the response it sends to the browser even though they were
present on the response from the Odoo server.

closes odoo/documentation#15592

X-original-commit: 4624403d76
Signed-off-by: Julien Castiaux (juc) <juc@odoo.com>
This commit is contained in:
Julien Castiaux
2025-12-04 15:19:32 +00:00
parent 759101d188
commit 9910e344ed
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
content/administration/on_premise/deploy.rst
View File

@@ -533,6 +533,8 @@ X-Sendfile and X-Accel).
location /web/filestore { location /web/filestore {
internal; internal;
alias /path/to/odoo/data-dir/filestore; alias /path/to/odoo/data-dir/filestore;
add_header Content-Security-Policy $upstream_http_content_security_policy;
add_header X-Content-Type-Options nosniff;
} }
In case you don't know what is the path to your filestore, start Odoo with the In case you don't know what is the path to your filestore, start Odoo with the