From ef9e182d5edae103c1eea959db391f1304f91a6c Mon Sep 17 00:00:00 2001 From: Thomas <51749973+Thovi98@users.noreply.github.com> Date: Sun, 4 Jun 2023 09:03:47 +0200 Subject: [PATCH] replace add_header by more_set_headers --- conf/nginx.conf | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index b2a1dc8..1e68862 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -28,8 +28,8 @@ location / { } location /embed.html { - add_header Content-Security-Policy "connect-src https: http: 'self'; default-src 'self'; script-src 'self' unpkg.com 'unsafe-inline' 'unsafe-eval'; style-src https: http: 'self' 'unsafe-inline'; img-src https: http: 'self' data:; font-src https: http: 'self' data:; object-src 'none'; media-src https: http: 'self' data:"; - add_header Referrer-Policy "strict-origin-when-cross-origin"; + more_set_headers "Content-Security-Policy: connect-src https: http: 'self'; default-src 'self'; script-src 'self' unpkg.com 'unsafe-inline' 'unsafe-eval'; style-src https: http: 'self' 'unsafe-inline'; img-src https: http: 'self' data:; font-src https: http: 'self' data:; object-src 'none'; media-src https: http: 'self' data:"; + more_set_headers "Referrer-Policy: "strict-origin-when-cross-origin"; alias __INSTALL_DIR__/front/dist/embed.html; expires 1d; @@ -95,12 +95,12 @@ location /.well-known/ { location /media/__sized__/ { alias __DATA_DIR__/data/media/__sized__/; - add_header Acces-Control-Allow-Origin '*'; + more_set_headers "Acces-Control-Allow-Origin '*'"; } location /media/attachments/ { alias __DATA_DIR__/data/media/attachments/; - add_header Access-Control-Allow-Origin '*'; + more_set_headers "Access-Control-Allow-Origin '*'"; } # This is an internal location that is used to serve @@ -114,7 +114,7 @@ location /media/attachments/ { # # Needed to ensure DSub auth isn't forwarded to S3/Minio, see #932. # proxy_set_header Authorization ""; # S3 # proxy_pass $1; # S3 - # add_header Access-Control-Allow-Origin '*'; + # more_set_headers "Access-Control-Allow-Origin '*'"; #} location /_protected/music/ { @@ -124,7 +124,7 @@ location /_protected/music/ { # Set this to the same value as your MUSIC_DIRECTORY_PATH setting internal; alias __DATA_DIR__/data/music/; - add_header Access-Control-Allow-Origin '*'; + more_set_headers "Access-Control-Allow-Origin '*'"; } location /manifest.json {