From f50afb729035bdfd90bc99b4fc65cfdbd5dac68c Mon Sep 17 00:00:00 2001
From: lapineige
Date: Mon, 12 Jun 2023 22:47:27 +0200
Subject: [PATCH] Security fixes in Nginx config + fix typo (#42) * fix syntax * Bump version * Auto-update README * Update nginx.conf (#40) * Update nginx.conf Fix bug in which media was being scrubbed out by CSP * Use __PORT__ instead of fixed value --------- Co-authored-by: lapineige * Fix typo * Bump version * Auto-update README --------- Co-authored-by: yunohost-bot Co-authored-by: Twizzay <88040412+twizzay-code@users.noreply.github.com>
---
 README.md | 2 +-
 README_fr.md | 2 +-
 conf/nginx.conf | 3 ++-
 manifest.json | 2 +-
 4 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/README.md b/README.md
index 46226bf..b129a98 100644
--- a/README.md
+++ b/README.md
@@ -19,7 +19,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
 Akkoma is a microblogging server software that can federate (= exchange messages with) other servers that support ActivityPub. What that means is that you can host a server for yourself or your friends and stay in control of your online identity, but still exchange messages with people on larger decentrilized and federated network. Akkoma will federate with all servers that implement ActivityPub, like Friendica, GNU Social, Hubzilla, Mastodon, Misskey, Pleroma, Peertube, or Pixelfed.
-**Shipped version:** 3.9.3~ynh3
+**Shipped version:** 3.9.3~ynh4
 **Demo:** https://otp.akkoma.dev
diff --git a/README_fr.md b/README_fr.md
index ed61abd..28c5145 100644
--- a/README_fr.md
+++ b/README_fr.md
@@ -19,7 +19,7 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po
 Akkoma is a microblogging server software that can federate (= exchange messages with) other servers that support ActivityPub. What that means is that you can host a server for yourself or your friends and stay in control of your online identity, but still exchange messages with people on larger decentrilized and federated network. Akkoma will federate with all servers that implement ActivityPub, like Friendica, GNU Social, Hubzilla, Mastodon, Misskey, Pleroma, Peertube, or Pixelfed.
-**Version incluse :** 3.9.3~ynh3
+**Version incluse :** 3.9.3~ynh4
 **Démo :** https://otp.akkoma.dev
diff --git a/conf/nginx.conf b/conf/nginx.conf
index 8120fe3..2a4dc5a 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -51,7 +51,8 @@ location ~ ^/(media|proxy) {
 more_set_headers "Content-Security-Policy : script-src 'none'; default-src 'none'; upgrade-insecure-requests; base-uri 'none'; form-action 'none'; 'sandbox';";
 proxy_pass http://localhost:__PORT__;
-=======
+}
+
 location ~ ^/(proxy|media) {
 more_set_headers "Content-Security-Policy : default-src 'none'; upgrade-insecure-requests; sandbox;";
 }
diff --git a/manifest.json b/manifest.json
index dbbe998..5f9c4d4 100644
--- a/manifest.json
+++ b/manifest.json
@@ -6,7 +6,7 @@
 "en": "Federated social networking server built on ActivityPub open protocol",
 "fr": "Serveur de réseautage social fédéré basé sur le protocole ouvert ActivityPub"
 },
- "version": "3.9.3~ynh3",
+ "version": "3.9.3~ynh4",
 "url": "https://akkoma.social/",
 "upstream": {
 "license": "AGPL-3.0-only",
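Review bot: In the conf/nginx.conf hunk, replacing the stray `=======` with `}` leaves two regex locations that match the same paths, `^/(media|proxy)` and `^/(proxy|media)`; nginx applies the first regex location that matches, so the second block and its CSP header are never used. The header that is actually sent comes from the first block, which ends with `'sandbox'` in quotes; a quoted token is not a valid directive name and browsers should ignore it, so the sandbox restriction on served media is most likely not in effect. I would delete the second block and end the first header with `form-action 'none'; sandbox;";` so the intended policy is the one delivered. The first location block starts above the hunk, so its other directives are not visible here.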