From 3cbda054552e65f2b91813f5d9743a02a308b43e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=82=A6=E9=82=A6=E9=82=A6=E9=82=A6?= <15622356989@163.com>
Date: Sat, 25 May 2024 09:46:30 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E8=A7=84=E8=8C=83nginx=E9=85=8D?=
 =?UTF-8?q?=E7=BD=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 deploy/nginx/nginx.conf | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/deploy/nginx/nginx.conf b/deploy/nginx/nginx.conf
index 843a6ec..d75e788 100644
--- a/deploy/nginx/nginx.conf
+++ b/deploy/nginx/nginx.conf
@@ -60,7 +60,7 @@ http {
     add_header X-Frame-Options DENY;
     add_header X-Content-Type-Options nosniff;
     add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
-    add_header Content-Security-Policy "script-src 'self' * 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-src 'none'";
+    add_header Content-Security-Policy "script-src 'self' * 'unsafe-inline' 'unsafe-eval'; object-src 'none'; frame-src 'none'";
     add_header Pragma no-cache;
     add_header Expires 0;
 
@@ -93,7 +93,6 @@ http {
     }
 
     location / {
-
       limit_req zone=ratelimit burst=5 nodelay;
       proxy_set_header X-Forwarded-For $http_x_real_ip;
       proxy_set_header Host $host;
@@ -120,6 +119,7 @@ http {
       add_header X-XSS-Protection "1; mode=block";
       add_header X-Frame-Options DENY;
       add_header X-Content-Type-Options nosniff;
+      add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
       add_header Content-Security-Policy "script-src 'self'; object-src 'none'; frame-src 'none'";
       add_header Cache-Control "no-cache,no-store,must-revalidate";
       add_header Pragma no-cache;
@@ -133,6 +133,7 @@ http {
       add_header X-XSS-Protection "1; mode=block";
       add_header X-Frame-Options DENY;
       add_header X-Content-Type-Options nosniff;
+      add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
       add_header Content-Security-Policy "script-src 'self'; object-src 'none'; frame-src 'none'";
       add_header Cache-Control "no-cache,no-store,must-revalidate";
       add_header Pragma no-cache;
@@ -146,6 +147,7 @@ http {
       add_header X-XSS-Protection "1; mode=block";
       add_header X-Frame-Options DENY;
       add_header X-Content-Type-Options nosniff;
+      add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
       add_header Content-Security-Policy "script-src 'self'; object-src 'none'; frame-src 'none'";
       add_header Cache-Control "no-cache,no-store,must-revalidate";
       add_header Pragma no-cache;
@@ -154,15 +156,9 @@ http {
       proxy_pass https://doc-search.test.osinfra.cn/;
     }
 
-
     error_page 401 402 403 405 406 407 413 414 /error.html;
-    error_page 404 /404.html;
     error_page 500 501 502 503 504 505 /error.html;
-
-
-    location = /404.html {
-      root /usr/share/nginx/www;
-    }
+    error_page 404 /index.html;
 
     location = /error.html {
       root /usr/share/nginx/www;
-- 
Gitee