add_header X-Content-Type-Options'nosniff'; add_header Referrer-Policy"no-referrer-when-downgrade"; add_header Content-Security-Policy"default-src 'self'"; add_header X-Permitted-Cross-Domain-Policies all; add_header X-Download-Options value ; 在nginx里添加add_header要注意先后顺序http\server\lo...
add_header Strict-Transport-Security "max-age=63072000; preload";add_header X-Frame-Options SAMEORIGIN;add_header X-Content-Type-Options nosniff;add_header X-XSS-Protection "1; mode=block";但响应头部没有这些header。除了常规的header,仅出现了一个配置配置在location中的header X-Cache。第一印象是CD...
add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS'; add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; add_header...