]> Frank Brehm's Git Trees - pixelpark/hiera.git/commitdiff
projects / pixelpark / hiera.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f098360)
Removed header set in vhost
authorAndreas Pinto-Köhler <andreas.pinto-koehler@publicispixelpark.de>
Thu, 19 Jan 2017 15:08:29 +0000 (16:08 +0100)
committerAndreas Pinto-Köhler <andreas.pinto-koehler@publicispixelpark.de>
Thu, 19 Jan 2017 15:08:29 +0000 (16:08 +0100)
customer/mbvd-ngcc/dev-web-ngcc-daimler.pixelpark.net.yaml patch | blob | history

diff --git a/customer/mbvd-ngcc/dev-web-ngcc-daimler.pixelpark.net.yaml b/customer/mbvd-ngcc/dev-web-ngcc-daimler.pixelpark.net.yaml
index b3100f9e0e5ede7d31886636acd60dfd758e7dd4..390458edb91408edf53cf907bebb7242d5e0a392 100644 (file)
--- a/customer/mbvd-ngcc/dev-web-ngcc-daimler.pixelpark.net.yaml
+++ b/customer/mbvd-ngcc/dev-web-ngcc-daimler.pixelpark.net.yaml
@@ -38,9 +38,6 @@ site::profile::apache::pp_vhosts:
     redirect_dest_non_ssl: 'https://dev-web01-ngcc-daimler.pixelpark.net/'
     headers:
       - 'always unset "X-Powered-By"'
-      - 'set X-Content-Type-Options: nosniff'
-      - 'set X-XSS-Protection: "1; mode=block"'
-      - 'set X-Frame-Options: "ALLOW-FROM https://dev-cms01-ngcc-daimler.pixelpark.net"'
       - "set Content-Security-Policy: \"default-src 'self'; font-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.youtube.com https://s.ytimg.com https://connect.facebook.net; frame-ancestors 'self'; media-src 'self' data:; img-src 'self' https://*.facebook.com https://*.cdninstagram.com https://*.ytimg.com https://*.twimg.com https://mb.anythingabout.net; child-src https://*.youtube.com https://*.facebook.com\""
       - "set X-Content-Security-Policy: \"default-src 'self'; font-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.youtube.com https://s.ytimg.com https://connect.facebook.net; frame-ancestors 'self'; media-src 'self' data:; img-src 'self' https://*.facebook.com https://*.cdninstagram.com https://*.ytimg.com https://*.twimg.com https://mb.anythingabout.net; child-src https://*.youtube.com https://*.facebook.com\""
     headers_ssl:
Unnamed repository; edit this file 'description' to name the repository.