Mercurial > repos > other > Puppet
changeset 173:c72d2b5f9be2 puppet-3.6
Try to fix NextCloud warnings about "wrong" headers
The problem is that "always set" results in two values and NextCloud
checks for a perfect match.
Removing "always" means header only gets added on "success" pages
and not error pages, so hopefully it still gets added in all
appropriate places.
| author | IBBoard <dev@ibboard.co.uk> |
|---|---|
| date | Sat, 17 Feb 2018 20:59:37 +0000 |
| parents | 1af9fd04c285 |
| children | 1457b5365c79 |
| files | modules/website/manifests/https/redir.pp modules/website/templates/https_core_conf.erb |
| diffstat | 2 files changed, 6 insertions(+), 6 deletions(-) [+] |
line wrap: on
line diff
--- a/modules/website/manifests/https/redir.pp Sat Feb 10 13:32:51 2018 +0000 +++ b/modules/website/manifests/https/redir.pp Sat Feb 17 20:59:37 2018 +0000 @@ -102,9 +102,9 @@ } $custom_conf = 'Header always set Strict-Transport-Security "max-age=16070400; includeSubDomains" -Header always set X-Xss-Protection "1; mode=block" -Header always set X-Content-Type-Options "nosniff" -Header always set X-Frame-Options "SAMEORIGIN"' +Header set X-Xss-Protection "1; mode=block" +Header set X-Content-Type-Options "nosniff" +Header set X-Frame-Options "SAMEORIGIN"' apache::vhost { $name: ip => $ip,
--- a/modules/website/templates/https_core_conf.erb Sat Feb 10 13:32:51 2018 +0000 +++ b/modules/website/templates/https_core_conf.erb Sat Feb 17 20:59:37 2018 +0000 @@ -1,7 +1,7 @@ Header always set Strict-Transport-Security "max-age=16070400; includeSubDomains" -Header always set X-Xss-Protection "1; mode=block" -Header always set X-Content-Type-Options "nosniff" -Header always set X-Frame-Options "SAMEORIGIN" +Header set X-Xss-Protection "1; mode=block" +Header set X-Content-Type-Options "nosniff" +Header set X-Frame-Options "SAMEORIGIN" RewriteCond %{HTTP_HOST} !=<%= @primary_name %> RewriteRule ^(.*)$ https://<%= @primary_name %>$1 [R=301,L]