Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add X-Frame-Options header on nagios, trac, wiki 

Prevents clickjacking attacks.

(imported from commit 8b3872e607d8a4e714c280a3226465fde0d5a6ed)
This commit is contained in:
Keegan McAllister 2012-11-30 21:08:26 -05:00
parent 7c495d7232
commit d435f29308
3 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
servers/puppet/files/apache/sites/nagios
View File

@ -11,6 +11,7 @@
SSLCertificateKeyFile /etc/apache2/certs/humbug-self-signed.key SSLCertificateKeyFile /etc/apache2/certs/humbug-self-signed.key
Header add Strict-Transport-Security "max-age=15768000" Header add Strict-Transport-Security "max-age=15768000"
Header add X-Frame-Options DENY
ScriptAlias /cgi-bin/nagios3 /usr/lib/cgi-bin/nagios3 ScriptAlias /cgi-bin/nagios3 /usr/lib/cgi-bin/nagios3
ScriptAlias /nagios3/cgi-bin /usr/lib/cgi-bin/nagios3 ScriptAlias /nagios3/cgi-bin /usr/lib/cgi-bin/nagios3

1
servers/puppet/files/apache/sites/trac
View File

@ -11,6 +11,7 @@
SSLCertificateKeyFile /etc/apache2/certs/humbug-self-signed.key SSLCertificateKeyFile /etc/apache2/certs/humbug-self-signed.key
Header add Strict-Transport-Security "max-age=15768000" Header add Strict-Transport-Security "max-age=15768000"
Header add X-Frame-Options DENY
Alias /chrome/common /home/humbug/trac/htdocs/common Alias /chrome/common /home/humbug/trac/htdocs/common
Alias /chrome/site /home/humbug/trac/htdocs/site Alias /chrome/site /home/humbug/trac/htdocs/site

1
servers/puppet/files/apache/sites/wiki
View File

@ -11,6 +11,7 @@
SSLCertificateKeyFile /etc/apache2/certs/humbug-self-signed.key SSLCertificateKeyFile /etc/apache2/certs/humbug-self-signed.key
Header add Strict-Transport-Security "max-age=15768000" Header add Strict-Transport-Security "max-age=15768000"
Header add X-Frame-Options DENY
RewriteEngine On RewriteEngine On
ProxyPreserveHost On ProxyPreserveHost On