configuration-templates – Rev 69
?pathlinks?
###########################################################################
## Copyright (C) Wizardry and Steamworks 2013 - License: GNU GPLv3 ##
## Please see: http://www.gnu.org/licenses/gpl.html for legal details, ##
## rights of fair usage, the disclaimer and warranty conditions. ##
###########################################################################
## Squid3 - rules to anonymize HTTP response headers. ##
###########################################################################
# CORS
reply_header_access Access-Control-Allow-Origin allow all
reply_header_access Access-Control-Allow-Credentials allow all
reply_header_access Access-Control-Expose-Headers allow all
reply_header_access Access-Control-Max-Age allow all
reply_header_access Access-Control-Allow-Methods allow all
reply_header_access Access-Control-Allow-Headers allow all
#
reply_header_access Accept-Patch allow all
reply_header_access Accept-Ranges allow all
reply_header_access Age allow all
reply_header_access Allow allow all
reply_header_access Alt-Svc allow all
# reply_header_access Cache-Control allow all
reply_header_access Connection allow all
reply_header_access Content-Disposition allow all
reply_header_access Content-Encoding allow all
reply_header_access Content-Language allow all
reply_header_access Content-Length allow all
reply_header_access Content-Location allow all
reply_header_access Content-MD5 allow all
reply_header_access Content-Range allow all
reply_header_access Content-Type allow all
### The date and time that the message was sent.
# reply_header_access Date allow all
reply_header_access ETag allow all
reply_header_access Expires allow all
reply_header_access Last-Modified allow all
reply_header_access Link allow all
reply_header_access Location allow all
reply_header_access P3P allow all
# reply_header_access Pragma allow all
reply_header_access Proxy-Authenticate allow all
reply_header_access Public-Key-Pins allow all
reply_header_access Refresh allow all
reply_header_access Retry-After allow all
reply_header_access Server allow all
reply_header_access Set-Cookie allow all
reply_header_access Status allow all
### HSTS (no, thank you) and cache.
# reply_header_access Strict-Transport-Security allow all
reply_header_access Trailer allow all
reply_header_access Transfer-Encoding allow all
### Tracking Status Value (TSV), value suggested to be sent in response to
### a do-not-track (DNT). No, thank you.
# reply_header_access TSV allow all
### Ask the client to upgrade to another protocol.
# reply_header_access Upgrade allow all
reply_header_access Vary allow all
reply_header_access Via allow all
reply_header_access Warning allow all
reply_header_access WWW-Authenticate allow all
reply_header_access X-Frame-Options allow all
reply_header_access X-XSS-Protection allow all
reply_header_access Content-Security-Policy allow all
reply_header_access X-Content-Security-Policy allow all
reply_header_access X-WebKit-CSP allow all
reply_header_access X-Content-Type-Options allow all
reply_header_access X-Powered-By allow all
reply_header_access X-UA-Compatible allow all
reply_header_access X-Content-Duration allow all
# reply_header_access Upgrade-Insecure-Requests allow all
# reply_header_access X-Request-ID allow all
# reply_header_access X-Correlation-ID allow all
reply_header_access X-Accel-Redirect allow all
reply_header_access X-Sendfile allow all
reply_header_access X-LIGHTTPD-send-file allow all
reply_header_access X-Sendfile2 allow all
reply_header_access X-Accel-Limit-Rate allow all
reply_header_access X-Accel-Buffering allow all
reply_header_access X-Accel-Charset allow all
reply_header_access Other deny all
reply_header_access All deny all