From 56d90fb35346f59adfe161b78c4426c2bc2ea7c1 Mon Sep 17 00:00:00 2001 From: tituspijean Date: Wed, 5 Jul 2023 00:23:48 +0200 Subject: [PATCH 1/3] [autopatch] Fix Host and X-Forwarded-For header spoofing --- conf/nginx.conf | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 6acb77a..436d7e5 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -7,21 +7,21 @@ location ~ ^/$ { # static files location ^~ /browser { proxy_pass http://localhost:__PORT__; - proxy_set_header Host $http_host; + proxy_set_header Host $host; more_set_headers "X-Frame-Options: ALLOWALL"; } # WOPI discovery URL location ^~ /hosting/discovery { proxy_pass http://localhost:__PORT__; - proxy_set_header Host $http_host; + proxy_set_header Host $host; more_set_headers "X-Frame-Options: ALLOWALL"; } # Capabilities location ^~ /hosting/capabilities { proxy_pass http://localhost:__PORT__; - proxy_set_header Host $http_host; + proxy_set_header Host $host; more_set_headers "X-Frame-Options: ALLOWALL"; } @@ -30,7 +30,7 @@ location ~ ^/cool/(.*)/ws$ { proxy_pass http://localhost:__PORT__; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; - proxy_set_header Host $http_host; + proxy_set_header Host $host; proxy_read_timeout 36000s; more_set_headers "X-Frame-Options: ALLOWALL"; } @@ -38,7 +38,7 @@ location ~ ^/cool/(.*)/ws$ { # download, presentation and image upload location ~ ^/(c|l)ool { proxy_pass http://localhost:__PORT__; - proxy_set_header Host $http_host; + proxy_set_header Host $host; more_set_headers "X-Frame-Options: ALLOWALL"; } @@ -47,6 +47,6 @@ location ^~ /cool/adminws { proxy_pass http://localhost:__PORT__; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; - proxy_set_header Host $http_host; + proxy_set_header Host $host; proxy_read_timeout 36000s; } From b7fbe238a64bde2479b638dff9823085a34d37a8 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sun, 30 Jul 2023 10:18:11 +0100 Subject: [PATCH 2/3] Update manifest.json --- manifest.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifest.json b/manifest.json index 3985897..153e1f7 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "LibreOffice-based online office suite with collaborative editing", "fr": "Suite office en ligne et collaborative, basée sur LibreOffice" }, - "version": "22.05.12.2~ynh1", + "version": "22.05.14.3~ynh1", "url": "https://collaboraoffice.com", "upstream": { "license": "MPL-2.0", @@ -19,7 +19,7 @@ "email": "rafi59_dev@srvmaison.fr.nf" }, "requirements": { - "yunohost": ">= 11.1.15" + "yunohost": ">= 11.2" }, "multi_instance": false, "services": [ From d36e8df50fa0ea7ae6bcb0cefb33563590f27832 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Sun, 30 Jul 2023 09:18:16 +0000 Subject: [PATCH 3/3] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 4b640c0..24363d2 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,7 @@ Collabora Online is a powerful LibreOffice-based online office that supports all - presentations (odp, pptx, ppt…) -**Shipped version:** 22.05.12.2~ynh1 +**Shipped version:** 22.05.14.3~ynh1 ## Screenshots diff --git a/README_fr.md b/README_fr.md index c02756c..ffaf364 100644 --- a/README_fr.md +++ b/README_fr.md @@ -28,7 +28,7 @@ Collabora Online est une suite bureautique en ligne open source basé sur LibreO - des tableurs (ods, xlsx, xls…) - présentations (odp, pptx, ppt…) -**Version incluse :** 22.05.12.2~ynh1 +**Version incluse :** 22.05.14.3~ynh1 ## Captures d’écran