I’m trying to add three headers for security to all text/html content:
add_header X-Content-Type-Options ‘nosniff’;
add_header X-Frame-Options ‘DENY’;
add_header X-XSS-Protection ‘1; mode=block’;
I’d like to add these to a number of different sites & virtual hosts in
nginx.
Q: Is there an easy way to add this to multiple different hosts
without updating every server{} block?
Can I put this into an http{} section in some way (but still limit it
to text/html)?
Best,
Nick
Nick Semenkovich