Behavior of security headers
Valentin V. Bartenev
vbart at nginx.com
Mon Jan 26 13:48:18 UTC 2015
On Monday 26 January 2015 08:38:08 okamzol wrote:
> That's exactly the point - I wanted to set these headers on server level to
> become valid for the whole domain and all inherent location blocks. This
> avoids the need to repeat all headers in each location...
>
But are you sure, that you don't have add_header directives in your location
blocks at the same time?
Please note:
server {
add_header X-Header-One one;
add_header X-Header-Two two;
location / {
add_header X-Header-Three three;
}
}
in the configuration above only the X-Header-Three will be added to response.
wbr, Valentin V. Bartenev
More information about the nginx
mailing list