YunoHost-Apps/friendica_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/friendica_ynh.git synced 2024-09-03 18:36:14 +02:00
Code Issues Activity Actions

Fix nginx security Issue

Browse source 
I found while I did a security check with gixy that using $uri instead of $request_uri is not good. So I replaced that.
I haven't checked if all part of the app run correctly after this patch, so check it before the merge.
This commit is contained in:
Josue-T 2017-12-29 15:25:59 +01:00 committed by GitHub
parent 58774643d2
commit 001f7c620b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
conf/nginx.conf
View file

@ -58,7 +58,7 @@ rewrite ^ https://$server_name$request_uri? permanent;
# by denying dot files and rewrite request to the front controller
location ^~ /.well-known/ {
allow all;
rewrite ^/(.*) /index.php?pagename=$uri&$args last;
rewrite ^/(.*) /index.php?pagename=$request_uri&$args last;
}
#statically serve these file types when possible