Skip to content

Navigation Menu

Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

GetPageSpeed / ngx_security_headers Public

Notifications You must be signed in to change notification settings
Fork 16
Star 113

Code
Issues 8
Pull requests
Actions
Projects
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Actions
Projects
Security
Insights

Releases: GetPageSpeed/ngx_security_headers

Releases · GetPageSpeed/ngx_security_headers

v0.1.1

09 Nov 09:05

dvershinin

This commit was created on GitHub.com and signed with GitHub’s verified signature.

GPG key ID: B5690EEEBB952194

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v0.1.1 Latest

Latest

Fixed issue with scheme extraction (#22), thanks to @kosmas-valianos for the contribution.

Contributors

kosmas-valianos

Assets 2

Loading

kosmas-valianos reacted with rocket emoji

All reactions

🚀 1 reaction

1 person reacted

v0.1.0

05 Sep 17:47

dvershinin

Compare

Choose a tag to compare

Loading

v0.1.0

Fixed

HSTS set to 1 year instead of 2 years by default (#18)
New default X-XSS-Protection: 0, see #19

Assets 2

Loading

All reactions

v0.0.11

18 Mar 07:38

dvershinin

Compare

Choose a tag to compare

Loading

v0.0.11

Fixed

Sending HSTS header no longer requires building with OpenSSL #12
Fixes HSTS preload was not added by default #15

Assets 2

Loading

All reactions

v0.0.10

13 Mar 18:04

dvershinin

Compare

Choose a tag to compare

Loading

v0.0.10

Ability to opt-out of added preload addition for HSTS, using security_headers_hsts_preload off;.
Remove X-Application-Version header
For adding HSTS, check URL protocol instead of connection protocol to be 'https://' #12

Assets 2

Loading

nathan3boss reacted with thumbs up emoji

All reactions

👍 1 reaction

1 person reacted

v0.0.9

29 Feb 00:22

dvershinin

Compare

Choose a tag to compare

Loading

v0.0.9

Hide more server tokens
Optimization (e.g. don't send X-Frame-Options for non-HTML)

Assets 2

Loading

All reactions

v0.0.8

05 Dec 20:03

dvershinin

Compare

Choose a tag to compare

Loading

v0.0.8

Added security_headers_referrer_policy directive

Assets 2

Loading

All reactions

v0.0.7

01 Sep 18:53

dvershinin

Compare

Choose a tag to compare

Loading

v0.0.7

Reliable header replacement
Added HSTS

Assets 2

Loading

All reactions

v0.0.4

23 Aug 23:01

dvershinin

Compare

Choose a tag to compare

Loading

v0.0.4

Overwrites existing security headers, instead of duplicating them

Assets 2

Loading

All reactions

v0.0.3

21 Aug 22:23

dvershinin

Compare

Choose a tag to compare

Loading

v0.0.3

Changed module to AUX_FILTER

Assets 2

Loading

All reactions

v0.0.2

28 Jan 20:18

dvershinin

This commit was signed with the committer’s verified signature.

dvershinin Danila Vershinin

GPG key ID: B14F2AB8A463C3BE

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v0.0.2

Compilation fix was added

Assets 2

Loading

All reactions

Previous 1 2 Next

Previous Next

Footer

© 2024 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.