From 6e8d2bf7c234c2256fa348d3d0ec261e94f3220d Mon Sep 17 00:00:00 2001
From: Revant Nandgaonkar <revant.one@gmail.com>
Date: Sun, 15 Mar 2020 00:20:28 +0530
Subject: [PATCH] fix: nginx config

add updates from frappe/bench to config
---
 build/common/nginx-default.conf.template | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/build/common/nginx-default.conf.template b/build/common/nginx-default.conf.template
index b9fc161a..f19ccee2 100644
--- a/build/common/nginx-default.conf.template
+++ b/build/common/nginx-default.conf.template
@@ -11,6 +11,11 @@ server {
     server_name $http_host;
     root /var/www/html;
 
+    add_header X-Frame-Options "SAMEORIGIN";
+    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
+    add_header X-Content-Type-Options nosniff;
+    add_header X-XSS-Protection "1; mode=block";
+
     location /assets {
         try_files $uri =404;
     }
@@ -32,6 +37,15 @@ server {
     }
 
     location / {
+        rewrite ^(.+)/$ $1 permanent;
+        rewrite ^(.+)/index\.html$ $1 permanent;
+        rewrite ^(.+)\.html$ $1 permanent;
+
+        location ~ ^/files/.*.(htm|html|svg|xml) {
+                add_header Content-disposition "attachment";
+                try_files /sites/$http_host/public/$uri @webserver;
+        }
+
         try_files /sites/$http_host/public/$uri @webserver;
     }