fix: noindex, nofollow instead of none robots header (#37)

This fixes a warning shown on the administration page. More info on: https://help.nextcloud.com/t/x-robots-tag-http-header-not-configured-with-noindex-nofollow-since-nc-26-0-0/158300/1 Reviewed-on: #37 Co-authored-by: p4u1 <p4u1_f4u1@riseup.net> Co-committed-by: p4u1 <p4u1_f4u1@riseup.net>
2023-12-19 14:50:46 +00:00 · 2023-12-19 14:50:46 +00:00 · 24ca6b22bc
parent c4ea5e053e
commit 24ca6b22bc
1 changed files with 6 additions and 6 deletions
--- a/nginx.conf.tmpl
+++ b/nginx.conf.tmpl
@ -59,12 +59,12 @@ http {
        #pagespeed off;

        # HTTP response headers borrowed from Nextcloud `.htaccess`
-        add_header Referrer-Policy                      "no-referrer"   always;
-        add_header X-Content-Type-Options               "nosniff"       always;
-        add_header X-Download-Options                   "noopen"        always;
-        add_header X-Permitted-Cross-Domain-Policies    "none"          always;
-        add_header X-Robots-Tag                         "none"          always;
-        add_header X-XSS-Protection                     "1; mode=block" always;
+        add_header Referrer-Policy                      "no-referrer"       always;
+        add_header X-Content-Type-Options               "nosniff"           always;
+        add_header X-Download-Options                   "noopen"            always;
+        add_header X-Permitted-Cross-Domain-Policies    "none"              always;
+        add_header X-Robots-Tag                         "noindex, nofollow" always;
+        add_header X-XSS-Protection                     "1; mode=block"     always;

        {{ if eq (env "X_FRAME_OPTIONS_ENABLED") "1" }}
        add_header Content-Security-Policy              "frame-ancestors {{ env "X_FRAME_OPTIONS_ALLOW_FROM" }} {{ env "DOMAIN" }}";