Upstream/bitwarden-server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2024-11-22 12:15:36 +01:00
Code Issues Projects Releases Wiki Activity

reassign security headers

Browse Source
This commit is contained in:
Kyle Spearrin 2018-08-31 17:02:49 -04:00
parent 9eae04a9c7
commit b2d63b2383
2 changed files with 3 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
util/Nginx/nginx.conf
View File

@ -140,9 +140,6 @@ http {
map $uri $fido_content_type { map $uri $fido_content_type {
default "application/fido.trusted-apps+json"; default "application/fido.trusted-apps+json";
} }
# Security headers
include security-headers.conf;
# Include files in the sites-enabled folder. server{} configuration files should be # Include files in the sites-enabled folder. server{} configuration files should be
# placed in the sites-available folder, and then the configuration should be enabled # placed in the sites-available folder, and then the configuration should be enabled

15
util/Setup/Templates/NginxConfig.hbs
View File

@ -46,42 +46,33 @@ server {
include /etc/nginx/security-headers-ssl.conf; include /etc/nginx/security-headers-ssl.conf;
{{/if}} {{/if}}
include /etc/nginx/security-headers.conf;
location / { location / {
proxy_pass http://web:5000/; proxy_pass http://web:5000/;
include /etc/nginx/security-headers.conf;
{{#if Ssl}} {{#if Ssl}}
include /etc/nginx/security-headers-ssl.conf; include /etc/nginx/security-headers-ssl.conf;
{{/if}} {{/if}}
include /etc/nginx/security-headers.conf;
add_header Content-Security-Policy "{{{ContentSecurityPolicy}}}"; add_header Content-Security-Policy "{{{ContentSecurityPolicy}}}";
} }
location = /app-id.json { location = /app-id.json {
proxy_pass http://web:5000/app-id.json; proxy_pass http://web:5000/app-id.json;
include /etc/nginx/security-headers.conf;
{{#if Ssl}} {{#if Ssl}}
include /etc/nginx/security-headers-ssl.conf; include /etc/nginx/security-headers-ssl.conf;
{{/if}} {{/if}}
include /etc/nginx/security-headers.conf;
proxy_hide_header Content-Type; proxy_hide_header Content-Type;
add_header Content-Type $fido_content_type; add_header Content-Type $fido_content_type;
} }
location = /duo-connector.html { location = /duo-connector.html {
proxy_pass http://web:5000/duo-connector.html; proxy_pass http://web:5000/duo-connector.html;
include /etc/nginx/security-headers.conf;
{{#if Ssl}}
include /etc/nginx/security-headers-ssl.conf;
{{/if}}
add_header X-Frame-Options "";
} }
location = /u2f-connector.html { location = /u2f-connector.html {
proxy_pass http://web:5000/u2f-connector.html; proxy_pass http://web:5000/u2f-connector.html;
include /etc/nginx/security-headers.conf;
{{#if Ssl}}
include /etc/nginx/security-headers-ssl.conf;
{{/if}}
add_header X-Frame-Options "";
} }
location /attachments/ { location /attachments/ {