From 4a4a7f136e5b1fb096804ec05343c8e9c5230fea Mon Sep 17 00:00:00 2001
From: sakkiii <11132948+sakkiii@users.noreply.github.com>
Date: Tue, 25 May 2021 11:42:51 +0530
Subject: [PATCH] changes added to hydrogen client

---
 .../templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2
index 5ad99603d..d9a05926c 100644
--- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2
+++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2
@@ -4,10 +4,14 @@
 	gzip on;
 	gzip_types text/plain application/json application/javascript text/css image/x-icon font/ttf image/gif;
 
-	add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+	{% if matrix_nginx_proxy_hsts_preload_enabled %}
+		add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+	{% else %}
+		add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+	{% endif %}
+	add_header X-XSS-Protection "{{ matrix_nginx_proxy_xss_protection }}";
 	add_header X-Content-Type-Options nosniff;
 	add_header X-Frame-Options SAMEORIGIN;
-	add_header X-XSS-Protection "1; mode=block";
 	add_header Content-Security-Policy "frame-ancestors 'none'";
 	{% if matrix_nginx_proxy_floc_optout_enabled %}
 		add_header Permissions-Policy interest-cohort=() always;