nixos/solitary: Widen cross‐origin policies

2024-10-16 13:56:24 +02:00 · 2024-10-16 13:56:24 +02:00 · b66d1693dc
parent 2ad94c9f55
commit b66d1693dc
1 changed files with 2 additions and 2 deletions
--- a/nixos/config/solitary/configuration.nix
+++ b/nixos/config/solitary/configuration.nix
@ -378,8 +378,8 @@ in {

      http-response set-header Alt-Svc "h3=\":443\""
      http-response set-header Cross-Origin-Embedder-Policy require-corp if no-coep
-      http-response set-header Cross-Origin-Opener-Policy same-origin if no-coop
-      http-response set-header Cross-Origin-Resource-Policy same-origin if no-corp
+      http-response set-header Cross-Origin-Opener-Policy same-site if no-coop
+      http-response set-header Cross-Origin-Resource-Policy same-site if no-corp
      http-response set-header Content-Security-Policy "default-src 'self'; frame-ancestors 'none'" if no-csp
      http-response set-header Referrer-Policy same-origin if no-rp
      http-response set-header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"