X-Git-Url: https://git.ralfj.de/ansible.git/blobdiff_plain/9a2be3a8496bdf04794c14d84aa3a5017c8fb8db..2f2bd6804c18cdddc86cb3883ff8482c7cc7612f:/roles/apache/templates/security.conf?ds=inline diff --git a/roles/apache/templates/security.conf b/roles/apache/templates/security.conf index adefdd8..9334c36 100644 --- a/roles/apache/templates/security.conf +++ b/roles/apache/templates/security.conf @@ -59,7 +59,7 @@ Header set X-Content-Type-Options: "nosniff" # site as frames. This defends against clickjacking attacks. # Requires mod_headers to be enabled. # -Header set X-Frame-Options: "sameorigin" +Header add Content-Security-Policy "frame-ancestors 'self'" # vim: syntax=apache ts=4 sw=4 sts=4 sr noet