dev/nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

nixos/middleman: Fix Matrix cross-origin shite

Browse Source
This commit is contained in:
Jack O'Sullivan
2023-01-13 14:04:47 +00:00
parent 6fe897fd3c
commit 3c25260e79
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix
View File

@@ -40,6 +40,7 @@ let
alias = "${wellKnownRoot}/"; alias = "${wellKnownRoot}/";
extraConfig = '' extraConfig = ''
autoindex on; autoindex on;
add_header Access-Control-Allow-Origin *;
''; '';
}; };
"/.well-known/webfinger".return = "301 https://toot.nul.ie$request_uri"; "/.well-known/webfinger".return = "301 https://toot.nul.ie$request_uri";
@@ -179,9 +180,10 @@ in
"element.${lib.my.pubDomain}" = "element.${lib.my.pubDomain}" =
let let
headers = '' headers = ''
add_header X-Frame-Options SAMEORIGIN; # TODO: why are these here?
add_header X-Content-Type-Options nosniff; #add_header X-Frame-Options SAMEORIGIN;
add_header X-XSS-Protection "1; mode=block"; #add_header X-Content-Type-Options nosniff;
#add_header X-XSS-Protection "1; mode=block";
# This seems to break file downloads... # This seems to break file downloads...
#add_header Content-Security-Policy "frame-ancestors 'none'"; #add_header Content-Security-Policy "frame-ancestors 'none'";
''; '';