# This is an NGINX configuration file written and used by me in order to set security response headers.
 #
 # (c) Corrado Mulas <tlc@mulas.me>
 #
 # For the full copyright and license information, please view the LICENSE
 # file that was distributed with this source code.

add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

add_header Referrer-Policy                   "no-referrer"       always;
add_header X-Content-Type-Options            "nosniff"           always;
add_header X-Frame-Options                   "SAMEORIGIN"        always;
add_header X-Permitted-Cross-Domain-Policies "none"              always;
add_header X-Robots-Tag                      "noindex, nofollow" always;

add_header Permissions-Policy "accelerometer=(), camera=(), geolocation=(), gyroscope=(), interest-cohort=(), magnetometer=(), microphone=(), payment=(), usb=()" always;

add_header Cross-Origin-Opener-Policy "same-origin" always;