我在我的nginx网站配置中设置了以下内容:
server {
...
add_header Referrer-Policy "no-referrer" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Xss-Protection "1; mode=block" always;
...
}
但如果我看看我的身边,我只会看到五个发头人中的两个
HTTP/2 200
server: nginx
date: Fri, 06 Apr 2018 08:58:49 GMT
content-type: text/html; charset=utf-8
content-length: 114649
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Fri, 06 Apr 2018 08:58:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, no-cache, max-age=0
set-cookie: __Secure-anzah_csrf=Fmv0S0-WCZwP5fy5; path=/; secure
set-cookie: __Secure-anzah_session=IxXVlychxqE2F4lXUwW79gKwrxiTlhuQ; path=/; secure; HttpOnly
cache-control: private, no-cache, max-age=0
有谁知道原因可能是什么?