1、nginx 或者tomcat 下 X-Content-Type-Options、X-XSS-Protection、Content-Security-Pol安全配置
add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Content-Type-Options "nosniff";
参考:https://blog.csdn.net/weixin_41986096/article/details/108319848
2、nginx: [emerg] unknown "connection_upgrade" variable解决与思考
http {
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
location / {
#…
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}
}
参考:https://segmentfault.com/a/1190000018712908
3、Nginx: Connection reset by peer 错误定位
https://blog.csdn.net/zzhongcy/article/details/89090193