pub-solar/infra
6
1
Fork 3
Code Issues 24 Pull requests 10 Actions Packages Projects 1 Releases Wiki Activity

nginx: use safer request_uri variable
All checks were successful
Flake checks / Check (pull_request) Successful in 21m30s
Details

Browse source 
Fix >> Problem: [http_splitting] Possible HTTP-Splitting vulnerability.
https://github.com/yandex/gixy/blob/master/docs/en/plugins/httpsplitting.md
This commit is contained in:
teutat3s 2024-10-16 15:37:44 +02:00
parent 8a18ee452b
commit 5300f381b0
Signed by: teutat3s
GPG key ID: 4FA1D3FA524F22C1
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
modules/nginx-mastodon-files/default.nix
View file

@ -44,7 +44,7 @@ in
proxy_hide_header x-amz-bucket-region; proxy_hide_header x-amz-bucket-region;
proxy_hide_header x-amzn-requestid; proxy_hide_header x-amzn-requestid;
proxy_ignore_headers Set-Cookie; proxy_ignore_headers Set-Cookie;
proxy_pass $s3_backend$uri; proxy_pass $s3_backend$request_uri;
proxy_intercept_errors off; proxy_intercept_errors off;
proxy_ssl_protocols TLSv1.2 TLSv1.3; proxy_ssl_protocols TLSv1.2 TLSv1.3;
proxy_ssl_server_name on; proxy_ssl_server_name on;