How do I set headers ?
I have ran a few testers on the web and the tests are reporting im missing a few headers and need them to improve security.
I tried adding headers using an action on the main ha frontend like below
After applying settings Im getting an error about the option needing exactly 2 arguments .. How should I set such headers and where ? Straight in the config (wouldnt this be overwritten by ha-proxy ?)?
You probably want to set http response headers, not request headers.
allright thanks, I will change it to request. So this is the correct place/way to put in the headers ? How would I configure this header:
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
The value contains spaces, so haproxy interface on pfsense wont accept it. I get the error it needs 2 arguments ?
Something like this.
All I did was enclose everything in double quotes. Ended up with this:
http-response set-header Content-Security-Policy "default-src https: data: 'unsafe-inline' 'unsafe-eval'" if yourAcl
I didn't test it.
Cool! thanks, will test this and see if it works.
nice, it seems to work, getting A+ result now !
@Actionhenk Nice. One other thing: I haven't looked at it but I assume if you need double quotes in a string like that in the future you can just escape the ones inside the string with