You've already forked mastodon-utils
							
							
				mirror of
				https://github.com/jakejarvis/mastodon-utils.git
				synced 2025-10-26 04:55:47 -04:00 
			
		
		
		
	override Referrer-Policy response header
				
					
				
			This commit is contained in:
		| @@ -87,55 +87,55 @@ server { | |||||||
|   # then needed must replace line `try_files $uri =404;` with `try_files $uri @proxy;`. |   # then needed must replace line `try_files $uri =404;` with `try_files $uri @proxy;`. | ||||||
|   location = /sw.js { |   location = /sw.js { | ||||||
|     add_header Cache-Control "public, max-age=604800, must-revalidate"; |     add_header Cache-Control "public, max-age=604800, must-revalidate"; | ||||||
|     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; |     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always; | ||||||
|     try_files $uri =404; |     try_files $uri =404; | ||||||
|   } |   } | ||||||
|  |  | ||||||
|   location ~ ^/assets/ { |   location ~ ^/assets/ { | ||||||
|     add_header Cache-Control "public, max-age=2419200, must-revalidate"; |     add_header Cache-Control "public, max-age=2419200, must-revalidate"; | ||||||
|     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; |     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always; | ||||||
|     try_files $uri =404; |     try_files $uri =404; | ||||||
|   } |   } | ||||||
|  |  | ||||||
|   location ~ ^/avatars/ { |   location ~ ^/avatars/ { | ||||||
|     add_header Cache-Control "public, max-age=2419200, must-revalidate"; |     add_header Cache-Control "public, max-age=2419200, must-revalidate"; | ||||||
|     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; |     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always; | ||||||
|     try_files $uri =404; |     try_files $uri =404; | ||||||
|   } |   } | ||||||
|  |  | ||||||
|   location ~ ^/emoji/ { |   location ~ ^/emoji/ { | ||||||
|     add_header Cache-Control "public, max-age=2419200, must-revalidate"; |     add_header Cache-Control "public, max-age=2419200, must-revalidate"; | ||||||
|     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; |     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always; | ||||||
|     try_files $uri =404; |     try_files $uri =404; | ||||||
|   } |   } | ||||||
|  |  | ||||||
|   location ~ ^/headers/ { |   location ~ ^/headers/ { | ||||||
|     add_header Cache-Control "public, max-age=2419200, must-revalidate"; |     add_header Cache-Control "public, max-age=2419200, must-revalidate"; | ||||||
|     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; |     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always; | ||||||
|     try_files $uri =404; |     try_files $uri =404; | ||||||
|   } |   } | ||||||
|  |  | ||||||
|   location ~ ^/packs/ { |   location ~ ^/packs/ { | ||||||
|     add_header Cache-Control "public, max-age=2419200, must-revalidate"; |     add_header Cache-Control "public, max-age=2419200, must-revalidate"; | ||||||
|     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; |     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always; | ||||||
|     try_files $uri =404; |     try_files $uri =404; | ||||||
|   } |   } | ||||||
|  |  | ||||||
|   location ~ ^/shortcuts/ { |   location ~ ^/shortcuts/ { | ||||||
|     add_header Cache-Control "public, max-age=2419200, must-revalidate"; |     add_header Cache-Control "public, max-age=2419200, must-revalidate"; | ||||||
|     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; |     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always; | ||||||
|     try_files $uri =404; |     try_files $uri =404; | ||||||
|   } |   } | ||||||
|  |  | ||||||
|   location ~ ^/sounds/ { |   location ~ ^/sounds/ { | ||||||
|     add_header Cache-Control "public, max-age=2419200, must-revalidate"; |     add_header Cache-Control "public, max-age=2419200, must-revalidate"; | ||||||
|     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; |     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always; | ||||||
|     try_files $uri =404; |     try_files $uri =404; | ||||||
|   } |   } | ||||||
|  |  | ||||||
|   location ~ ^/system/ { |   location ~ ^/system/ { | ||||||
|     add_header Cache-Control "public, max-age=2419200, immutable"; |     add_header Cache-Control "public, max-age=2419200, immutable"; | ||||||
|     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; |     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always; | ||||||
|     try_files $uri =404; |     try_files $uri =404; | ||||||
|   } |   } | ||||||
|  |  | ||||||
| @@ -153,11 +153,10 @@ server { | |||||||
|     proxy_set_header Upgrade $http_upgrade; |     proxy_set_header Upgrade $http_upgrade; | ||||||
|     proxy_set_header Connection $connection_upgrade; |     proxy_set_header Connection $connection_upgrade; | ||||||
|  |  | ||||||
|     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; |     add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always; | ||||||
|  |  | ||||||
|     # jake: added (debugging) |     # jake: added (debugging) | ||||||
|     add_header Via $proxy_host; |     add_header Via "1.1 $proxy_host" always; | ||||||
|     add_header X-Got-Milk "2%"; |  | ||||||
|  |  | ||||||
|     tcp_nodelay on; |     tcp_nodelay on; | ||||||
|   } |   } | ||||||
| @@ -183,10 +182,14 @@ server { | |||||||
|     proxy_cache_valid 410 24h; |     proxy_cache_valid 410 24h; | ||||||
|     proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504; |     proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504; | ||||||
|  |  | ||||||
|  |     # jake: added (security) | ||||||
|  |     proxy_hide_header Referrer-Policy; | ||||||
|  |     add_header Referrer-Policy "strict-origin" always; | ||||||
|  |  | ||||||
|     # jake: added (debugging) |     # jake: added (debugging) | ||||||
|     add_header Via $proxy_host; |     add_header Via "1.1 $proxy_host" always; | ||||||
|     add_header X-Cache-Status $upstream_cache_status; |     add_header X-Cache-Status $upstream_cache_status always; | ||||||
|     add_header X-Got-Milk "2%"; |     add_header X-Got-Milk "2%" always; | ||||||
|  |  | ||||||
|     tcp_nodelay on; |     tcp_nodelay on; | ||||||
|   } |   } | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user