From 167c9cb45b4770b86f1bd0fc696d3e963d787dce Mon Sep 17 00:00:00 2001
From: Alexandre Iooss <erdnaxe@crans.org>
Date: Sun, 30 Jan 2022 20:13:05 +0100
Subject: [PATCH] Update NGINX example

---
 docs/nginx_photos | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/docs/nginx_photos b/docs/nginx_photos
index 77454b4..51f5fb3 100644
--- a/docs/nginx_photos
+++ b/docs/nginx_photos
@@ -37,13 +37,17 @@ server {
     # Allow 2Go upload at once
     client_max_body_size 2G;
 
+    add_header "X-XSS-Protection" "1; mode=block";
+    add_header "Content-Security-Policy" "default-src 'self' 'unsafe-inline';";
+
     # Django statics and media
     # Do not directly serve media, it must be authorized
     # by a Django view to check permissions
-    location /protected/media  {
+    location /protected/media {
         internal;
         alias /var/www/photos/photo21/media;
     }
+
     location /static {
         alias /var/www/photos/photo21/static;
     }
@@ -51,5 +55,9 @@ server {
     location / {
         uwsgi_pass unix:///var/run/uwsgi/app/uwsgi_photos/socket;
         include /etc/nginx/uwsgi_params;
+        proxy_connect_timeout 600;
+        proxy_send_timeout 600;
+        proxy_read_timeout 600;
+        send_timeout 600;
     }
 }