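# Traefik Middleware (CRD group traefik.containo.us/v1alpha1) that adds browser
# security headers and CORS response headers to routes referencing it.
# This file is a Jinja template: traefik_namespace comes from the rendering
# context.
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: security-headers
  # Quoted so an empty or boolean-looking expansion still renders as a string.
  namespace: "{{ traefik_namespace }}"
spec:
  headers:
    # Flags are written as real booleans and stsSeconds as an integer: quoted
    # "true" / "15768000" are strings, which a CRD with schema validation can
    # reject for these typed fields.

    # Legacy X-XSS-Protection header; current browsers largely ignore it, so
    # the CSP below is the control that matters.
    browserXssFilter: true
    # X-Content-Type-Options: nosniff
    contentTypeNosniff: true
    # Send the HSTS header even when the request arrived over plain HTTP.
    forceSTSHeader: true
    # customFrameOptionsValue below overrides frameDeny, so the effective
    # X-Frame-Options value is SAMEORIGIN rather than DENY.
    frameDeny: true
    stsIncludeSubdomains: true
    # NOTE(review): HSTS preload lists generally expect max-age >= 31536000
    # (1 year); stsSeconds below is about 6 months. Confirm before submitting
    # the domain for preloading.
    stsPreload: true
    stsSeconds: 15768000
    # NOTE(review): sslRedirect is deprecated in later Traefik 2.x releases in
    # favour of entry-point redirection or a redirectScheme middleware;
    # confirm against the deployed version.
    sslRedirect: true
    # NOTE(review): 'unsafe-inline' under default-src permits inline scripts
    # and styles, which removes most of CSP's XSS mitigation. Tighten to
    # nonces or hashes once the served applications allow it.
    contentSecurityPolicy: "default-src 'self' 'unsafe-inline'"
    customFrameOptionsValue: "SAMEORIGIN"
    referrerPolicy: "same-origin"
    # NOTE(review): Feature-Policy has been superseded by Permissions-Policy
    # in browsers; check whether the deployed Traefik offers permissionsPolicy.
    featurePolicy: "vibrate 'self'"

    # CORS
    accessControlAllowMethods:
      - "GET"
      - "OPTIONS"
      - "PUT"
    # NOTE(review): with the allow-list below commented out, no origin is
    # pinned here. "origin-list-or-null" appears to echo the request's Origin
    # header back in Traefik versions that accept it, which would allow any
    # site to make GET/OPTIONS/PUT cross-origin requests. Confirm the
    # behaviour and prefer an explicit accessControlAllowOriginList.
    accessControlAllowOrigin: "origin-list-or-null"
    #accessControlAllowOriginList:
    #  - "https://foo.bar.org"
    #  - "https://example.org"
    # Preflight cache lifetime in seconds.
    accessControlMaxAge: 100
    # Adds Vary: Origin so shared caches do not reuse a response across origins.
    addVaryHeader: true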