nginx: use safer request_uri variable
All checks were successful
Flake checks / Check (pull_request) Successful in 9m9s
All checks were successful
Flake checks / Check (pull_request) Successful in 9m9s
Fix >> Problem: [http_splitting] Possible HTTP-Splitting vulnerability. https://github.com/yandex/gixy/blob/master/docs/en/plugins/httpsplitting.md
This commit is contained in:
parent
84c8e2617a
commit
d097188e66
|
@ -44,7 +44,7 @@ in
|
||||||
proxy_hide_header x-amz-bucket-region;
|
proxy_hide_header x-amz-bucket-region;
|
||||||
proxy_hide_header x-amzn-requestid;
|
proxy_hide_header x-amzn-requestid;
|
||||||
proxy_ignore_headers Set-Cookie;
|
proxy_ignore_headers Set-Cookie;
|
||||||
proxy_pass $s3_backend$uri;
|
proxy_pass $s3_backend$request_uri;
|
||||||
proxy_intercept_errors off;
|
proxy_intercept_errors off;
|
||||||
proxy_ssl_protocols TLSv1.2 TLSv1.3;
|
proxy_ssl_protocols TLSv1.2 TLSv1.3;
|
||||||
proxy_ssl_server_name on;
|
proxy_ssl_server_name on;
|
||||||
|
|
Loading…
Reference in a new issue