Mercurial > repos > other > Puppet

changeset 254:5a903aa91469

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Change header types and add module to fix NextCloud header checks We had SetEnvIf but not a standard Env "Header always set" and "Header set" are not the same and result in concatenated values
author IBBoard <dev@ibboard.co.uk>
date Sun, 29 Dec 2019 12:25:14 +0000
parents 5abf76953360
children d4b2bdfe47a6
files modules/website/manifests/init.pp modules/website/templates/https_core_conf.erb
diffstat 2 files changed, 7 insertions(+), 4 deletions(-) [+]
line wrap: on
line diff
--- a/modules/website/manifests/init.pp	Wed Dec 25 12:04:26 2019 +0000
+++ b/modules/website/manifests/init.pp	Sun Dec 29 12:25:14 2019 +0000
@@ -48,7 +48,10 @@
   }
   apache::mod {
     'rewrite':;
-    'expires':; 'setenvif':; 'headers':;
+    'expires':;
+    'env':;
+    'setenvif':;
+    'headers':;
     'version':;
   }
 
--- a/modules/website/templates/https_core_conf.erb	Wed Dec 25 12:04:26 2019 +0000
+++ b/modules/website/templates/https_core_conf.erb	Sun Dec 29 12:25:14 2019 +0000
@@ -1,9 +1,9 @@
 Header always set Strict-Transport-Security "max-age=16070400; includeSubDomains"
 Header always set Content-Security-Policy "upgrade-insecure-requests; <%= @csp_string %>"
 Header always set Content-Security-Policy-Report-Only "<%= @csp_report_string %>"
-Header set X-Xss-Protection "1; mode=block"
-Header set X-Content-Type-Options "nosniff"
-Header set X-Frame-Options "SAMEORIGIN"
+Header always set X-Xss-Protection "1; mode=block"
+Header always set X-Content-Type-Options "nosniff"
+Header always set X-Frame-Options "SAMEORIGIN"
 
 RewriteCond %{HTTP_HOST} !=<%= @primary_name %>
 RewriteRule ^(.*)$ https://<%= @primary_name %>$1 [R=301,L]