]> git.openstreetmap.org Git - chef.git/commitdiff
projects / chef.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: 4a113af)
Remove Strict-Transport-Security proxy passed header
authorGrant Slater <git@firefishy.com>
Mon, 16 Apr 2018 22:21:53 +0000 (23:21 +0100)
committerGrant Slater <git@firefishy.com>
Mon, 16 Apr 2018 22:21:53 +0000 (23:21 +0100)
cookbooks/tilecache/templates/default/nginx_tile_ssl.conf.erb patch | blob | history

diff --git a/cookbooks/tilecache/templates/default/nginx_tile_ssl.conf.erb b/cookbooks/tilecache/templates/default/nginx_tile_ssl.conf.erb
index cd8775dab3711e4ec187a648a974c09b6a5c96ce..ac62a3775c07c5e6564a19374f93b059fd3e904f 100644 (file)
--- a/cookbooks/tilecache/templates/default/nginx_tile_ssl.conf.erb
+++ b/cookbooks/tilecache/templates/default/nginx_tile_ssl.conf.erb
@@ -73,6 +73,8 @@ server {
       # Set a QoS cookie if none presented (uses nginx Map)
       add_header Set-Cookie $cookie_qos_token_set;
 <% if node[:ssl][:strict_transport_security] -%>
+      # Ensure Strict-Transport-Security header is removed from proxied server responses
+      proxy_hide_header Strict-Transport-Security;
 
       # Enable HSTS
       add_header Strict-Transport-Security "<%= node[:ssl][:strict_transport_security] %>" always;
Chef configuration management public repo for configuring & maintaining the OpenStreetMap servers.