homelab/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Headers middleware: support Content-Security-Policy-Report-Only

Browse source
This commit is contained in:
Roman Donchenko 2024-06-07 10:24:04 +03:00 committed by GitHub
parent 67f0700377
commit b37aaea36d
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
17 changed files with 116 additions and 66 deletions
Download patch file Download diff file Expand all files Collapse all files

4
docs/content/middlewares/http/headers.md
View file

@ -394,6 +394,10 @@ This overrides the `BrowserXssFilter` option.
The `contentSecurityPolicy` option allows the `Content-Security-Policy` header value to be set with a custom value.
### `contentSecurityPolicyReportOnly`
The `contentSecurityPolicyReportOnly` option allows the `Content-Security-Policy-Report-Only` header value to be set with a custom value.
### `publicKey`
The `publicKey` implements HPKP to prevent MITM attacks with forged certificates.