summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>2014-08-23 23:50:09 +0300
committerDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>2014-08-23 23:50:09 +0300
commiteddfdc9eddd89040eb1b7067c2e78fcb9185f4c6 (patch)
tree9c2be2050dc85330bbf2a25a732b790964f872c8
parent3cbacad86c2eac40fb1f41cf6afffb7ac53a881e (diff)
parenta3953a46f401e075c4319a49cf4c88825d78ce17 (diff)
downloadgitlab-ce-eddfdc9eddd89040eb1b7067c2e78fcb9185f4c6.tar.gz
Merge pull request #7558 from bbodenmiller/patch-4
change X-Frame-Options to SAMEORIGIN for nginx SSL config
-rw-r--r--lib/support/nginx/gitlab-ssl2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/support/nginx/gitlab-ssl b/lib/support/nginx/gitlab-ssl
index 91da0247515..90b4282b1fd 100644
--- a/lib/support/nginx/gitlab-ssl
+++ b/lib/support/nginx/gitlab-ssl
@@ -84,7 +84,7 @@ server {
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security max-age=63072000;
- add_header X-Frame-Options DENY;
+ add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
## Individual nginx logs for this GitLab vhost