summaryrefslogtreecommitdiffstats
path: root/.htaccess
diff options
context:
space:
mode:
authorJ0WI <J0WI@users.noreply.github.com>2019-07-01 18:41:59 +0200
committerRoeland Jago Douma <roeland@famdouma.nl>2019-08-11 20:11:50 +0200
commitbd9403d3da5150389508c11e6a7beacf61c192ff (patch)
tree44043479b21255bafd5d02f27455f0bf926deadb /.htaccess
parent3f2932c75a44feed4d10183fb7a286ed1b1e8ce4 (diff)
downloadnextcloud-server-bd9403d3da5150389508c11e6a7beacf61c192ff.tar.gz
nextcloud-server-bd9403d3da5150389508c11e6a7beacf61c192ff.zip
Use "always" condition for security headers
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
Diffstat (limited to '.htaccess')
-rw-r--r--.htaccess14
1 files changed, 7 insertions, 7 deletions
diff --git a/.htaccess b/.htaccess
index a81b6765267..43c8ea22065 100644
--- a/.htaccess
+++ b/.htaccess
@@ -11,13 +11,13 @@
<IfModule mod_env.c>
# Add security and privacy related headers
- Header set Referrer-Policy "no-referrer"
- Header set X-Content-Type-Options "nosniff"
- Header set X-Download-Options "noopen"
- Header set X-Frame-Options "SAMEORIGIN"
- Header set X-Permitted-Cross-Domain-Policies "none"
- Header set X-Robots-Tag "none"
- Header set X-XSS-Protection "1; mode=block"
+ Header always set Referrer-Policy "no-referrer"
+ Header always set X-Content-Type-Options "nosniff"
+ Header always set X-Download-Options "noopen"
+ Header always set X-Frame-Options "SAMEORIGIN"
+ Header always set X-Permitted-Cross-Domain-Policies "none"
+ Header always set X-Robots-Tag "none"
+ Header always set X-XSS-Protection "1; mode=block"
SetEnv modHeadersAvailable true
</IfModule>