Include X-Content-Type-Options: nosniff header for files under /assets

jtgeibel · jtgeibel · commit c3ce2c269ad8 · 2017-07-22T19:16:24.000-04:00
[ci skip]
diff --git a/config/nginx.conf.erb b/config/nginx.conf.erb
@@ -39,6 +39,7 @@ http {
 
 		location ~ ^/assets/ {
 			add_header Strict-Transport-Security "max-age=31536000" always;
+			add_header X-Content-Type-Options nosniff;
 			add_header Cache-Control public;
 			root dist;
 			expires max;
