khanh.pndc/odoo-docs
1
0
Fork 0
mirror of https://github.com/odoo/documentation.git synced 2025-12-12 07:29:27 +07:00
Code Issues Packages Projects Releases Wiki Activity

[IMP] admin: missing header with X-Accel-Redirect

Browse Source 
Nginx doesn't set the Content-Security-Policy and X-Content-Type-Options
headers on the response it sends to the browser even though they were
present on the response from the Odoo server.

closes odoo/documentation#15592

X-original-commit: 4624403d76
Signed-off-by: Julien Castiaux (juc) <juc@odoo.com>
This commit is contained in:
Julien Castiaux
2025-12-04 15:19:32 +00:00
parent 759101d188
commit 9910e344ed
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
content/administration/on_premise/deploy.rst
View File

@@ -533,6 +533,8 @@ X-Sendfile and X-Accel).
location /web/filestore {
internal;
alias /path/to/odoo/data-dir/filestore;
add_header Content-Security-Policy $upstream_http_content_security_policy;
add_header X-Content-Type-Options nosniff;
}
In case you don't know what is the path to your filestore, start Odoo with the