1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/collabora_ynh.git synced 2024-09-03 18:16:25 +02:00

Merge pull request #80 from YunoHost-Apps/autopatch-http_host

[autopatch] Fix Host and X-Forwarded-For header spoofing
This commit is contained in:
Éric Gaspar 2023-07-30 10:18:53 +01:00 committed by GitHub
commit 4d17524e0f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -7,21 +7,21 @@ location ~ ^/$ {
# static files
location ^~ /browser {
proxy_pass http://localhost:__PORT__;
proxy_set_header Host $http_host;
proxy_set_header Host $host;
more_set_headers "X-Frame-Options: ALLOWALL";
}
# WOPI discovery URL
location ^~ /hosting/discovery {
proxy_pass http://localhost:__PORT__;
proxy_set_header Host $http_host;
proxy_set_header Host $host;
more_set_headers "X-Frame-Options: ALLOWALL";
}
# Capabilities
location ^~ /hosting/capabilities {
proxy_pass http://localhost:__PORT__;
proxy_set_header Host $http_host;
proxy_set_header Host $host;
more_set_headers "X-Frame-Options: ALLOWALL";
}
@ -30,7 +30,7 @@ location ~ ^/cool/(.*)/ws$ {
proxy_pass http://localhost:__PORT__;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $http_host;
proxy_set_header Host $host;
proxy_read_timeout 36000s;
more_set_headers "X-Frame-Options: ALLOWALL";
}
@ -38,7 +38,7 @@ location ~ ^/cool/(.*)/ws$ {
# download, presentation and image upload
location ~ ^/(c|l)ool {
proxy_pass http://localhost:__PORT__;
proxy_set_header Host $http_host;
proxy_set_header Host $host;
more_set_headers "X-Frame-Options: ALLOWALL";
}
@ -47,6 +47,6 @@ location ^~ /cool/adminws {
proxy_pass http://localhost:__PORT__;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $http_host;
proxy_set_header Host $host;
proxy_read_timeout 36000s;
}