khanh.pndc/odoo-docs
1
0
Fork 0
mirror of https://github.com/odoo/documentation.git synced 2025-12-12 07:29:27 +07:00
Code Issues Packages Projects Releases Wiki Activity

[IMP] admin: missing header with X-Accel-Redirect

Browse Source 
Nginx doesn't set the Content-Security-Policy and X-Content-Type-Options
headers on the response it sends to the browser even though they were
present on the response from the Odoo server.

X-original-commit: 4624403d76
This commit is contained in:
Julien Castiaux
2025-12-04 15:19:32 +00:00
parent f71706c1d2
commit adec5ab130
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
content/administration/on_premise/deploy.rst
View File

@@ -533,6 +533,8 @@ X-Sendfile and X-Accel).
location /web/filestore { location /web/filestore {
internal; internal;
alias /path/to/odoo/data-dir/filestore; alias /path/to/odoo/data-dir/filestore;
add_header Content-Security-Policy $upstream_http_content_security_policy;
add_header X-Content-Type-Options nosniff;
} }
In case you don't know what is the path to your filestore, start Odoo with the In case you don't know what is the path to your filestore, start Odoo with the