nginx: use safer request_uri variable

Fix >> Problem: [http_splitting] Possible HTTP-Splitting vulnerability. https://github.com/yandex/gixy/blob/master/docs/en/plugins/httpsplitting.md
2024-10-16 15:37:44 +02:00 · 2024-10-16 15:37:44 +02:00 · 5300f381b0
parent 8a18ee452b
commit 5300f381b0
1 changed files with 1 additions and 1 deletions
--- a/modules/nginx-mastodon-files/default.nix
+++ b/modules/nginx-mastodon-files/default.nix
@ -44,7 +44,7 @@ in
            proxy_hide_header x-amz-bucket-region;
            proxy_hide_header x-amzn-requestid;
            proxy_ignore_headers Set-Cookie;
-            proxy_pass $s3_backend$uri;
+            proxy_pass $s3_backend$request_uri;
            proxy_intercept_errors off;
            proxy_ssl_protocols TLSv1.2 TLSv1.3;
            proxy_ssl_server_name on;