From 284f4b51288ae84530943ff9da892c51981b8294 Mon Sep 17 00:00:00 2001 From: "srvproxy001.itguys.com.br" Date: Mon, 6 Oct 2025 11:52:46 -0300 Subject: [PATCH] =?UTF-8?q?[Auto-Sync]=20Atualiza=C3=A7=C3=A3o=20das=20con?= =?UTF-8?q?figura=C3=A7=C3=B5es=20em=20srvproxy001.itguys.com.br=20-=20202?= =?UTF-8?q?5-10-06=2011:52:46?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- nginx/sites-available/vcenter.itguys.com.br.conf | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/nginx/sites-available/vcenter.itguys.com.br.conf b/nginx/sites-available/vcenter.itguys.com.br.conf index a66d298..bb77754 100644 --- a/nginx/sites-available/vcenter.itguys.com.br.conf +++ b/nginx/sites-available/vcenter.itguys.com.br.conf @@ -60,12 +60,12 @@ server { # --- Cabeçalhos de Segurança --- # Adiciona uma camada extra de proteção no navegador do cliente. - add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always; - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-Content-Type-Options "nosniff" always; - add_header Referrer-Policy "no-referrer" always; + #add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always; + #add_header X-Frame-Options "SAMEORIGIN" always; + #add_header X-Content-Type-Options "nosniff" always; + #add_header Referrer-Policy "no-referrer" always; # CSP pode ser complexo. Este é um ponto de partida. Teste extensivamente. - add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self' wss:; font-src 'self' data:;" always; + #add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self' wss:; font-src 'self' data:;" always; # --- Configurações do Proxy Reverso --- location / {