From 714b8cd168984481f03d8b03cd0ec21f2faf9c85 Mon Sep 17 00:00:00 2001
From: Ludovic CHEVALIER <ludovic.chevalier@heureux-cyclage.org>
Date: Fri, 22 May 2015 15:42:58 +0200
Subject: [PATCH] =?utf8?q?Correction=C2=A0:=20=20=20=20=20=20=20=20=20etc/?=
 =?utf8?q?nginx/conf.d/ssl-pfs.conf?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

---
 srv/ateliers/etc/nginx/conf.d/ssl-pfs.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/srv/ateliers/etc/nginx/conf.d/ssl-pfs.conf b/srv/ateliers/etc/nginx/conf.d/ssl-pfs.conf
index c097ac4..5d45760 100644
--- a/srv/ateliers/etc/nginx/conf.d/ssl-pfs.conf
+++ b/srv/ateliers/etc/nginx/conf.d/ssl-pfs.conf
@@ -4,7 +4,7 @@
 # DOC: https://www.openssl.org/docs/apps/ciphers.html
 keepalive_timeout 70;
 add_header Strict-Transport-Security "max-age=31536000;";
-add_header X-Frame-Options DENY;
+add_header X-Frame-Options SAMEORIGIN;
 ssl on;
 ssl_ciphers ECDHE-RSA-AES128-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA128:DHE-RSA-AES128-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA128:kEDH+AESGCM:ECDHE-RSA-AES128-SHA384:ECDHE-RSA-AES128-SHA128:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA384:AES128-GCM-SHA128:AES128-SHA128:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4;
     # NOTE: prioritizes algorithms that provide Perfect Forward Secrecy.
-- 
2.20.1