nuxt-security icon indicating copy to clipboard operation
nuxt-security copied to clipboard
verified publisher icon dansmaculotte

Re Security Headers

Open andyfensham opened this issue 1 year ago • 1 comments

Hi, I implemented security headers in the following way, but no security headers are showing up when I run it in this program : https://www.serpworx.com/check-security-headers or on https://securityheaders.com/?q=https%3A%2F%2Fmarketinnovationsweb.dev.scadsoftware.com%2Fsignin&followRedirects=on

modules: [ [ '@dansmaculotte/nuxt-security', { /* module options */ hsts: { maxAge: 15552000, includeSubDomains: true, preload: true, }, csp: { directives: { defaultSrc: ["'self'"], scriptSrc: ["'self'"], objectSrc: ["'self'"], }, reportOnly: false, }, referrer: 'same-origin', permissions: { notifications: ['none'], }, additionalHeaders: true, }, ], ]

andyfensham avatar Oct 22 '24 12:10 andyfensham

We are using nginx. Should it be set there rather. When and how would we use your module. Thanks a lot

andyfensham avatar Oct 22 '24 12:10 andyfensham

Hi, sorry for the delay. I don't use nuxt2 anymore and I won't provide any support on this module. Anyway, IIRC the module used to work. Is there any chance that nginx strip headers in nuxt response?

rtouze avatar Dec 13 '24 08:12 rtouze