Mercurial > repos > other > Puppet
changeset 111:501afb45ffc7 puppet-3.6
Make sure that HTTPS redirects have the full set of headers
| author | IBBoard <dev@ibboard.co.uk> |
|---|---|
| date | Sat, 04 Jun 2016 14:05:14 +0100 |
| parents | be2b30b17a4c |
| children | 5967c1b18860 |
| files | modules/website/manifests/https/redir.pp |
| diffstat | 1 files changed, 6 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/modules/website/manifests/https/redir.pp Tue May 31 22:02:15 2016 +0100 +++ b/modules/website/manifests/https/redir.pp Sat Jun 04 14:05:14 2016 +0100 @@ -89,6 +89,11 @@ $group = $docroot_group } + $custom_conf = 'Header always set Strict-Transport-Security "max-age=16070400; includeSubDomains" +Header always set X-Xss-Protection "1; mode=block" +Header always set X-Content-Type-Options "nosniff" +Header always set X-Frame-Options "SAMEORIGIN"' + apache::vhost { $name: ip => $ip, port => '443', @@ -97,7 +102,7 @@ docroot_group => $group, redirect_status => 'permanent', redirect_dest => $redir, - custom_fragment => 'Header always set Strict-Transport-Security "max-age=16070400; includeSubDomains"', + custom_fragment => $custom_conf, logroot => '/var/log/apache/', access_log_file => "access_${logpart}${log_extra}.log", error_log_file => "error_${logpart}${log_extra}.log",