# 1.4.3 **Software Release Date**: 17 September, 2024 **Summary**: In this release, the Gateway now includes the HSTS header in the GET / endpoint, which was missing in version 1.4.1. For the Portal, the default nginx configuration has been updated to hide version information by setting server\_tokens off. The Content-Security-Policy has been revised to allow specific sources, ensuring better security. Additionally, a fix was applied to the add\_header Content-Security-Policy command to correct its arguments, and new security headers have been added to the nginx configuration. ## Gateway * HSTS header also added to `GET /` (was not included in 1.4.1). ## Portal * **Changed:** * `Content-Security-Policy` value changed to `default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *.meeco.me *.meeco.cloud *.svx.exchange *.securevalueexchange.com *.windows.net *.amazonaws.com *.google.com *.gstatic.com *.googleapis.com cdn.jsdelivr.net`. * **Added:** * `nginx` default config added with `server_tokens off` so that nginx version information is not returned via `Server` header value. * Security headers to 'ngix' config. * **Fixed:** * `add_header Content-Security-Policy` called with correct number of arguments. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.meeco.me/releases/svx-1.4.3.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.