diff options
author | Thomas Deutschmann <whissi@whissi.de> | 2016-07-20 01:16:33 +0200 |
---|---|---|
committer | Lars Wendler <polynomial-c@gentoo.org> | 2016-07-26 11:51:22 +0200 |
commit | c4b897dc39a939d0f409e1bcd9f6bd9c75679cf9 (patch) | |
tree | 52abd0a135aee9694f095e01702e038249706bb1 /www-servers/nginx/files | |
parent | www-servers/nginx: Cleanup (diff) | |
download | gentoo-c4b897dc39a939d0f409e1bcd9f6bd9c75679cf9.tar.gz gentoo-c4b897dc39a939d0f409e1bcd9f6bd9c75679cf9.tar.bz2 gentoo-c4b897dc39a939d0f409e1bcd9f6bd9c75679cf9.zip |
www-servers/nginx: HTTPoxy mitigation added
Package-Manager: portage-2.3.0
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
Diffstat (limited to 'www-servers/nginx/files')
-rw-r--r-- | www-servers/nginx/files/nginx-httpoxy-mitigation.patch | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/www-servers/nginx/files/nginx-httpoxy-mitigation.patch b/www-servers/nginx/files/nginx-httpoxy-mitigation.patch new file mode 100644 index 000000000000..7e9618b0a36a --- /dev/null +++ b/www-servers/nginx/files/nginx-httpoxy-mitigation.patch @@ -0,0 +1,33 @@ +httpoxy mitigation + +See https://httpoxy.org/ and https://www.nginx.com/blog/?p=41962 for details. +--- + conf/fastcgi.conf | 3 +++ + conf/fastcgi_params | 3 +++ + 2 files changed, 6 insertions(+) + +diff --git a/conf/fastcgi.conf b/conf/fastcgi.conf +index 091738c..9f7e192 100644 +--- a/conf/fastcgi.conf ++++ b/conf/fastcgi.conf +@@ -24,3 +24,6 @@ fastcgi_param SERVER_NAME $server_name; + + # PHP only, required if PHP was built with --enable-force-cgi-redirect + fastcgi_param REDIRECT_STATUS 200; ++ ++# httpoxy mitigation (https://httpoxy.org/ https://www.nginx.com/blog/?p=41962) ++fastcgi_param HTTP_PROXY ""; +diff --git a/conf/fastcgi_params b/conf/fastcgi_params +index 28decb9..3be3a95 100644 +--- a/conf/fastcgi_params ++++ b/conf/fastcgi_params +@@ -23,3 +23,6 @@ fastcgi_param SERVER_NAME $server_name; + + # PHP only, required if PHP was built with --enable-force-cgi-redirect + fastcgi_param REDIRECT_STATUS 200; ++ ++# httpoxy mitigation (https://httpoxy.org/ https://www.nginx.com/blog/?p=41962) ++fastcgi_param HTTP_PROXY ""; +-- +2.9.2 + |