Ngx Security Headers Versions Save

NGINX Module for sending security headers

0.1.0

8 months ago

Fixed

HSTS set to 1 year instead of 2 years by default (#18)
New default X-XSS-Protection: 0, see #19

0.0.11

2 years ago

Fixed

Sending HSTS header no longer requires building with OpenSSL #12
Fixes HSTS preload was not added by default #15

0.0.10

2 years ago

Ability to opt-out of added preload addition for HSTS, using security_headers_hsts_preload off;.
Remove X-Application-Version header
For adding HSTS, check URL protocol instead of connection protocol to be 'https://' #12

0.0.9

4 years ago

Hide more server tokens
Optimization (e.g. don't send X-Frame-Options for non-HTML)

0.0.8

4 years ago

Added security_headers_referrer_policy directive

0.0.7

4 years ago

Reliable header replacement
Added HSTS

0.0.4

4 years ago

Overwrites existing security headers, instead of duplicating them

0.0.3

4 years ago

Changed module to AUX_FILTER

0.0.2

5 years ago

Compilation fix was added

0.0.1

5 years ago

For packaging to the repository https://www.getpagespeed.com/redhat