christianlight/tutor
6
0
Fork 0
mirror of https://github.com/ChristianLight/tutor.git synced 2024-12-13 14:43:03 +00:00
Code Issues Releases Activity

Remove information that makes web server identifiable

Browse Source 
P3P is obsolete https://en.wikipedia.org/wiki/P3P
Also, these P3P headers leak information about the application that is
running, making it sensitive to attacks.
This commit is contained in:
Régis Behmo 2019-06-25 14:00:31 +02:00
parent 69d7cf049d
commit f4796fce4b
2 changed files with 3 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
tutor/templates/apps/nginx/cms.conf
View File

@ -21,14 +21,10 @@ server {
{% endif %} {% endif %}
client_max_body_size 100M; client_max_body_size 100M;
server_tokens off;
rewrite ^(.*)/favicon.ico$ /static/images/favicon.ico last; rewrite ^(.*)/favicon.ico$ /static/images/favicon.ico last;
# Disables server version feedback on pages and in headers
server_tokens off;
# Prevent invalid display courseware in IE 10+ with high privacy settings
add_header P3P 'CP="Open edX does not have a P3P policy."';
location @proxy_to_cms_app { location @proxy_to_cms_app {
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Forwarded-Port $server_port;

6
tutor/templates/apps/nginx/lms.conf
View File

@ -21,14 +21,10 @@ server {
{% endif %} {% endif %}
client_max_body_size 4M; client_max_body_size 4M;
server_tokens off;
rewrite ^(.*)/favicon.ico$ /static/images/favicon.ico last; rewrite ^(.*)/favicon.ico$ /static/images/favicon.ico last;
# Disables server version feedback on pages and in headers
server_tokens off;
# Prevent invalid display courseware in IE 10+ with high privacy settings
add_header P3P 'CP="Open edX does not have a P3P policy."';
location @proxy_to_lms_app { location @proxy_to_lms_app {
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Forwarded-Port $server_port;