1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/distbin_ynh.git synced 2024-09-03 18:26:10 +02:00

[autopatch] Fix Host and X-Forwarded-For header spoofing

This commit is contained in:
tituspijean 2023-07-05 00:46:12 +02:00 committed by YunoHost Bot
parent 1feabb3f05
commit 6146916183

View file

@ -4,7 +4,7 @@ location __PATH__/ {
proxy_pass http://127.0.0.1:__PORT__/; proxy_pass http://127.0.0.1:__PORT__/;
proxy_pass_request_headers on; proxy_pass_request_headers on;
proxy_redirect ~^/(.*) $scheme://$http_host__PATH__/$1; proxy_redirect ~^/(.*) $scheme://$http_host__PATH__/$1;
proxy_set_header Host $http_host; proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;