server {
		
        add_header X-Content-Type-Options nosniff;
        add_header Strict-Transport-Security max-age=31536000;
        add_header Set-Cookie "/; Secure; HttpOnly; SameSite=None";
        location / {

			## 上面3行，与这里下面4行，顺序不能搞错。
			add_header Set-Cookie "Secure";
			add_header X-Content-Type-Options nosniff;
			add_header Strict-Transport-Security max-age=31536000;
			add_header Set-Cookie "/; Secure; HttpOnly; SameSite=None";
        }

}