NGINX Configuration

The file /etc/slashdb/nginx.confg contains default NGINX configuration of reversed proxy to pass HTTP requests to SlashDB WSGI server.

If you are using other web server than NGINX, this file can be used as a information source / template for your custom setup.

Changes to this file require restating the SlashDB service.

sudo service slashdb restart

Response Headers

The following response headers are sent back with all responses:

add_header Retry-After $retry_after always;

add_header Cache-Control "no-cache, private" always;

# Secure headers
add_header X-Frame-Options DENY always;

add_header X-Content-Type-Options nosniff always;

add_header Referrer-Policy same-origin always;

add_header Content-Security-Policy "default-src 'self' www.youtube.com *.microsoftonline.com *.google.com *.okta.com *.onelogin.com; style-src 'self' 'unsafe-inline';" always;

add_header Strict-Transport-Security "max-age=63072000" always;

add_header Permissions-Policy "fullscreen=(self \"https://www.youtube.com\"), clipboard-read=(self), clipboard-write=(self)" always;

add_header Cross-Origin-Opener-Policy same-origin always;

add_header Cross-Origin-Resource-Policy same-origin always;

For more information on these headers, refer to the Mozilla HTTP Headers documentation and the Mozilla Cross-Origin Resource Sharing (CORS) documentation.