Mercurial > repos > other > Puppet

diff modules/website/templates/https_core_conf.erb @ 173:c72d2b5f9be2 puppet-3.6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Try to fix NextCloud warnings about "wrong" headers The problem is that "always set" results in two values and NextCloud checks for a perfect match. Removing "always" means header only gets added on "success" pages and not error pages, so hopefully it still gets added in all appropriate places.
author IBBoard <dev@ibboard.co.uk>
date Sat, 17 Feb 2018 20:59:37 +0000
parents 9cf4ebd6d2ba
children 4519b727cc4c
line wrap: on
line diff
--- a/modules/website/templates/https_core_conf.erb	Sat Feb 10 13:32:51 2018 +0000
+++ b/modules/website/templates/https_core_conf.erb	Sat Feb 17 20:59:37 2018 +0000
@@ -1,7 +1,7 @@
 Header always set Strict-Transport-Security "max-age=16070400; includeSubDomains"
-Header always set X-Xss-Protection "1; mode=block"
-Header always set X-Content-Type-Options "nosniff"
-Header always set X-Frame-Options "SAMEORIGIN"
+Header set X-Xss-Protection "1; mode=block"
+Header set X-Content-Type-Options "nosniff"
+Header set X-Frame-Options "SAMEORIGIN"
 
 RewriteCond %{HTTP_HOST} !=<%= @primary_name %>
 RewriteRule ^(.*)$ https://<%= @primary_name %>$1 [R=301,L]