summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Deutschmann <whissi@whissi.de>2016-07-20 01:16:33 +0200
committerLars Wendler <polynomial-c@gentoo.org>2016-07-26 11:51:22 +0200
commitc4b897dc39a939d0f409e1bcd9f6bd9c75679cf9 (patch)
tree52abd0a135aee9694f095e01702e038249706bb1 /www-servers/nginx/files
parentwww-servers/nginx: Cleanup (diff)
downloadgentoo-c4b897dc39a939d0f409e1bcd9f6bd9c75679cf9.tar.gz
gentoo-c4b897dc39a939d0f409e1bcd9f6bd9c75679cf9.tar.bz2
gentoo-c4b897dc39a939d0f409e1bcd9f6bd9c75679cf9.zip
www-servers/nginx: HTTPoxy mitigation added
Package-Manager: portage-2.3.0 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
Diffstat (limited to 'www-servers/nginx/files')
-rw-r--r--www-servers/nginx/files/nginx-httpoxy-mitigation.patch33
1 files changed, 33 insertions, 0 deletions
diff --git a/www-servers/nginx/files/nginx-httpoxy-mitigation.patch b/www-servers/nginx/files/nginx-httpoxy-mitigation.patch
new file mode 100644
index 000000000000..7e9618b0a36a
--- /dev/null
+++ b/www-servers/nginx/files/nginx-httpoxy-mitigation.patch
@@ -0,0 +1,33 @@
+httpoxy mitigation
+
+See https://httpoxy.org/ and https://www.nginx.com/blog/?p=41962 for details.
+---
+ conf/fastcgi.conf | 3 +++
+ conf/fastcgi_params | 3 +++
+ 2 files changed, 6 insertions(+)
+
+diff --git a/conf/fastcgi.conf b/conf/fastcgi.conf
+index 091738c..9f7e192 100644
+--- a/conf/fastcgi.conf
++++ b/conf/fastcgi.conf
+@@ -24,3 +24,6 @@ fastcgi_param SERVER_NAME $server_name;
+
+ # PHP only, required if PHP was built with --enable-force-cgi-redirect
+ fastcgi_param REDIRECT_STATUS 200;
++
++# httpoxy mitigation (https://httpoxy.org/ https://www.nginx.com/blog/?p=41962)
++fastcgi_param HTTP_PROXY "";
+diff --git a/conf/fastcgi_params b/conf/fastcgi_params
+index 28decb9..3be3a95 100644
+--- a/conf/fastcgi_params
++++ b/conf/fastcgi_params
+@@ -23,3 +23,6 @@ fastcgi_param SERVER_NAME $server_name;
+
+ # PHP only, required if PHP was built with --enable-force-cgi-redirect
+ fastcgi_param REDIRECT_STATUS 200;
++
++# httpoxy mitigation (https://httpoxy.org/ https://www.nginx.com/blog/?p=41962)
++fastcgi_param HTTP_PROXY "";
+--
+2.9.2
+