YunoHost-Apps/mattermost_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/mattermost_ynh.git synced 2024-09-03 19:36:29 +02:00
Code Issues Activity Actions

[autopatch] Fix Host and X-Forwarded-For header spoofing

Browse source
This commit is contained in:
tituspijean 2023-07-05 00:23:29 +02:00 committed by YunoHost Bot
parent fb3aed0add
commit 6c44b4017d
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
conf/nginx.conf
View file

@ -4,7 +4,7 @@ location ~ __PATH__/api/v[0-9]+/(users/)?websocket$ {
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade"; proxy_set_header Connection "upgrade";
client_max_body_size 50M; client_max_body_size 50M;
proxy_set_header Host $http_host; proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
@ -18,7 +18,7 @@ location ~ __PATH__/api/v[0-9]+/(users/)?websocket$ {
location __PATH__/ { location __PATH__/ {
client_max_body_size 50M; client_max_body_size 50M;
proxy_set_header Connection ""; proxy_set_header Connection "";
proxy_set_header Host $http_host; proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;