roles/nginx: Opt out of Google FLoC

Google's new Federated Learning of Cohorts (FLoC) will read user's
browser history and assign them to cohorts to track them unless we
set this header.
This commit is contained in:
Alan Orth 2021-04-16 12:40:23 +03:00
parent d3978e5b07
commit 7ba5afcec4
Signed by: alanorth
GPG Key ID: 0FB860CC9C45B1B9

View File

@ -15,3 +15,6 @@ add_header X-XSS-Protection "1; mode=block" always;
# CSP can be quite difficult to configure, and cause real issues if you get it wrong # CSP can be quite difficult to configure, and cause real issues if you get it wrong
# There is website that helps you generate a policy here http://cspisawesome.com/ # There is website that helps you generate a policy here http://cspisawesome.com/
# add_header Content-Security-Policy "default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' https://www.google-analytics.com;" always; # add_header Content-Security-Policy "default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' https://www.google-analytics.com;" always;
# Opt this site out of Google Chrome's Federated Learning of Cohorts (FLoC)
add_header Permissions-Policy interest-cohort=() always;