YunoHost-Apps/collabora_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/collabora_ynh.git synced 2024-09-03 18:16:25 +02:00
Code Issues Activity Actions

[autopatch] Fix Host and X-Forwarded-For header spoofing

Browse source
This commit is contained in:
tituspijean 2023-07-05 00:23:48 +02:00 committed by YunoHost Bot
parent 70788e0e2a
commit 56d90fb353
1 changed files with 6 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
conf/nginx.conf
View file

@ -7,21 +7,21 @@ location ~ ^/$ {
# static files
location ^~ /browser {
proxy_pass http://localhost:__PORT__;
proxy_set_header Host $http_host;
proxy_set_header Host $host;
more_set_headers "X-Frame-Options: ALLOWALL";
}
# WOPI discovery URL
location ^~ /hosting/discovery {
proxy_pass http://localhost:__PORT__;
proxy_set_header Host $http_host;
proxy_set_header Host $host;
more_set_headers "X-Frame-Options: ALLOWALL";
}
# Capabilities
location ^~ /hosting/capabilities {
proxy_pass http://localhost:__PORT__;
proxy_set_header Host $http_host;
proxy_set_header Host $host;
more_set_headers "X-Frame-Options: ALLOWALL";
}
@ -30,7 +30,7 @@ location ~ ^/cool/(.*)/ws$ {
proxy_pass http://localhost:__PORT__;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $http_host;
proxy_set_header Host $host;
proxy_read_timeout 36000s;
more_set_headers "X-Frame-Options: ALLOWALL";
}
@ -38,7 +38,7 @@ location ~ ^/cool/(.*)/ws$ {
# download, presentation and image upload
location ~ ^/(c|l)ool {
proxy_pass http://localhost:__PORT__;
proxy_set_header Host $http_host;
proxy_set_header Host $host;
more_set_headers "X-Frame-Options: ALLOWALL";
}
@ -47,6 +47,6 @@ location ^~ /cool/adminws {
proxy_pass http://localhost:__PORT__;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $http_host;
proxy_set_header Host $host;
proxy_read_timeout 36000s;
}