d0zingcat/ghost-docker
1
0
Fork 0
mirror of https://github.com/d0zingcat/ghost-docker.git synced 2026-05-13 15:09:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix security headers to use response headers instead of request headers

Browse Source 
Co-authored-by: d0zingcat <8235790+d0zingcat@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2025-12-06 02:31:40 +00:00
parent 6e75a7b3ed
commit c2c026ec54
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
compose.dokploy.yml
View File

@@ -49,10 +49,10 @@ services:
- "traefik.http.services.ghost.loadbalancer.server.port=2368"
# Security Headers
- "traefik.http.middlewares.security-headers.headers.customrequestheaders.Strict-Transport-Security=max-age=31536000"
- "traefik.http.middlewares.security-headers.headers.customrequestheaders.X-XSS-Protection=1; mode=block"
- "traefik.http.middlewares.security-headers.headers.customrequestheaders.X-Content-Type-Options=nosniff"
- "traefik.http.middlewares.security-headers.headers.customrequestheaders.Referrer-Policy=strict-origin-when-cross-origin"
- "traefik.http.middlewares.security-headers.headers.customresponseheaders.Strict-Transport-Security=max-age=31536000"
- "traefik.http.middlewares.security-headers.headers.customresponseheaders.X-XSS-Protection=1; mode=block"
- "traefik.http.middlewares.security-headers.headers.customresponseheaders.X-Content-Type-Options=nosniff"
- "traefik.http.middlewares.security-headers.headers.customresponseheaders.Referrer-Policy=strict-origin-when-cross-origin"
# Compression
- "traefik.http.middlewares.gzip.compress=true"