如上图配置
add_header X-Content-Type-Options: nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Content-Security-Policy "default-src 'self'";
如上图即成功
详细解决方案
Nginx配置“Content-Security-Policy”头 、“X-XSS-Protection”头 和“X-Content-Type-Options”头
热度:14 发布时间:2024-01-31 16:45:32.0
相关解决方案
- 怎么取<s:property value="news.CONTENT" escape="false"/>内容前几位
- spring MVC cvc-complex-type.2.4.c解决方案
- 新手,请问input type=text有关问题
- 不走"<script type='text/javascript'>"标签咋回事
- <input type="hidden" name="" value="" />请教这句话的name,value什么意思
- input type=text 替空时 ,为什么不为null
- 在jsp页面下导入.xls文件,报错:Posted content type isn't multipart/form-data
- <script type="javascript/text">的有关问题
- java.lang.IllegalArgumentException: argument type mismatch解决方案
- struts2 type="redirect"该如何处理
- 'http://reg.163.com/login.jsp?type=1&url=http://entry.mail.163.com/coremail/fcg/,该如何处理
- spring security 错误
- 小弟我在网下找的图片验证码,小弟我这个页面的值<input type="text">如何传不到Servlet里面去,请高手瞧瞧
- streams type cannot be used in batching,该如何解决
- unsupported content type in editor解决思路
- spring security 2.0 仅实现单点登录怎么配置
- 哪位高手给个spring security 3.0.5的源码,s_bobo_2002@163.com
- Cannot find any information on property 'cipher' in a bean of type 'xx.JiamiBean解决思路
- struts2+spring security,该怎么解决
- cxf ws-security 加密和签名有关问题?
- Only a type can be imported. com.mysql.jdbc.Driver resolves to a package解决方案
- 请问:org.apache.jasper.JasperException: Cannot find any information on property 'userPhone' in a bean of type 'Bean.Sender'
- Response.AddHeader("Content-Disposition" "attachment; filename=" + file.Name+"xls");中文显示乱码解决方法
- 安装mysql第四步(apply security settings)异常1045,失败,救!防火墙已关闭,重装不管
- 那位高手帮小弟我看下这个有关问题Cannot convert value of type [] to required type [] for property 'ba
- MIDlet cannot be resolved to a type,该怎么解决
- 怎样用android重写j2me,player里的createPlayer(InputStream stream, String type)解决方案
- java.lang.IllegalArgumentException: argument type mismatch,该如何解决
- <input type="file" name="filename">该如何处理
- <input type="file" name="filename">解决方法