YunoHost-Apps/collabora_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/collabora_ynh.git synced 2024-09-03 18:16:25 +02:00
Code Issues Activity Actions

[autopatch] Fix Host and X-Forwarded-For header spoofing

Browse source
This commit is contained in:
tituspijean 2023-07-05 00:23:48 +02:00 committed by YunoHost Bot
parent 70788e0e2a
commit 56d90fb353
1 changed files with 6 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
conf/nginx.conf
View file

@ -7,21 +7,21 @@ location ~ ^/$ {
# static files # static files
location ^~ /browser { location ^~ /browser {
proxy_pass http://localhost:__PORT__; proxy_pass http://localhost:__PORT__;
proxy_set_header Host $http_host; proxy_set_header Host $host;
more_set_headers "X-Frame-Options: ALLOWALL"; more_set_headers "X-Frame-Options: ALLOWALL";
} }
# WOPI discovery URL # WOPI discovery URL
location ^~ /hosting/discovery { location ^~ /hosting/discovery {
proxy_pass http://localhost:__PORT__; proxy_pass http://localhost:__PORT__;
proxy_set_header Host $http_host; proxy_set_header Host $host;
more_set_headers "X-Frame-Options: ALLOWALL"; more_set_headers "X-Frame-Options: ALLOWALL";
} }
# Capabilities # Capabilities
location ^~ /hosting/capabilities { location ^~ /hosting/capabilities {
proxy_pass http://localhost:__PORT__; proxy_pass http://localhost:__PORT__;
proxy_set_header Host $http_host; proxy_set_header Host $host;
more_set_headers "X-Frame-Options: ALLOWALL"; more_set_headers "X-Frame-Options: ALLOWALL";
} }
@ -30,7 +30,7 @@ location ~ ^/cool/(.*)/ws$ {
proxy_pass http://localhost:__PORT__; proxy_pass http://localhost:__PORT__;
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_set_header Host $http_host; proxy_set_header Host $host;
proxy_read_timeout 36000s; proxy_read_timeout 36000s;
more_set_headers "X-Frame-Options: ALLOWALL"; more_set_headers "X-Frame-Options: ALLOWALL";
} }
@ -38,7 +38,7 @@ location ~ ^/cool/(.*)/ws$ {
# download, presentation and image upload # download, presentation and image upload
location ~ ^/(c|l)ool { location ~ ^/(c|l)ool {
proxy_pass http://localhost:__PORT__; proxy_pass http://localhost:__PORT__;
proxy_set_header Host $http_host; proxy_set_header Host $host;
more_set_headers "X-Frame-Options: ALLOWALL"; more_set_headers "X-Frame-Options: ALLOWALL";
} }
@ -47,6 +47,6 @@ location ^~ /cool/adminws {
proxy_pass http://localhost:__PORT__; proxy_pass http://localhost:__PORT__;
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_set_header Host $http_host; proxy_set_header Host $host;
proxy_read_timeout 36000s; proxy_read_timeout 36000s;
} }