radziel/spotlightcam
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

security: add nginx headers and fix npm vulnerabilities

Browse Source 
- Add security headers to nginx (X-Frame-Options, CSP, etc.)
- Reduce client_max_body_size from 500M to 10M
- Add npm overrides to fix cookie vulnerability in csurf
- Make navbar sticky with full width
This commit is contained in:
Radosław Gierwiało
2025-11-29 15:04:26 +01:00
parent 61d23681ff
commit 9206565523
3 changed files with 19 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
nginx/conf.d/default.conf
View File

@@ -10,7 +10,17 @@ server {
listen 80;
server_name localhost;
client_max_body_size 500M; # Dla dużych plików wideo
client_max_body_size 10M;
# Security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Permissions-Policy "geolocation=(), microphone=(), camera=()" always;
# Content Security Policy (permissive for dev, tighten for production)
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' ws: wss:; media-src 'self' blob:; object-src 'none'; base-uri 'self'; form-action 'self';" always;
# Frontend - Vite Dev Server
location / {