disallow my sites from being iframed [ci skip]
This commit is contained in:
Viktor Barzin
parent
aa2acad165
commit
cc419c68b7
2 changed files with 2 additions and 0 deletions
|
|
@ -119,6 +119,8 @@ resource "kubernetes_ingress_v1" "proxied-ingress" {
|
||||||
"nginx.ingress.kubernetes.io/configuration-snippet" = <<-EOF
|
"nginx.ingress.kubernetes.io/configuration-snippet" = <<-EOF
|
||||||
limit_req_status 429;
|
limit_req_status 429;
|
||||||
limit_conn_status 429;
|
limit_conn_status 429;
|
||||||
|
# Prevent iframe embedding (clickjacking protection) - allow subdomains only
|
||||||
|
add_header Content-Security-Policy "frame-ancestors 'self' *.viktorbarzin.me viktorbarzin.me" always;
|
||||||
${var.rybbit_site_id != null ? <<-JS
|
${var.rybbit_site_id != null ? <<-JS
|
||||||
# Rybbit Analytics
|
# Rybbit Analytics
|
||||||
# Only modify HTML
|
# Only modify HTML
|
||||||
|
|
|
||||||
Binary file not shown.
Loading…
Add table
Add a link
Reference in a new issue