kopia lustrzana https://github.com/alecmuffett/eotk
commit: option SUPPRESS_METHODS_EXCEPT_GET
rodzic
920d02a7c4
commit
ddd351ae72
|
@ -338,6 +338,7 @@ sub DoProject {
|
|||
&SetEnv("suppress_header_csp", 1); # eventually header_csp_rewrite?
|
||||
&SetEnv("suppress_header_hpkp", 1);
|
||||
&SetEnv("suppress_header_hsts", 1);
|
||||
&SetEnv("suppress_methods_except_get", 0);
|
||||
|
||||
&SetEnv("SCRIPT_NAMES", "bounce.sh debugoff.sh debugon.sh harvest.sh maps.sh nxreload.sh start.sh status.sh stop.sh syntax.sh torreload.sh");
|
||||
&SetEnv("SCRIPT_PAUSE", 5);
|
||||
|
|
|
@ -101,7 +101,7 @@ http {
|
|||
;
|
||||
%%END
|
||||
|
||||
# fix the header-redirects; TODO: CHECK THIS DWYW
|
||||
# fix the header-redirects
|
||||
%%BEGIN
|
||||
proxy_redirect
|
||||
~*^(.*?)\\b%DNS_DOMAIN_RE2%\\b(.*)$
|
||||
|
@ -221,6 +221,8 @@ http {
|
|||
location ~*^/hello[-_]onion/?$ {
|
||||
return 200 "Hello, Onion User!";
|
||||
}
|
||||
%%ELSE
|
||||
# no "hello-onion" endpoint
|
||||
%%ENDIF
|
||||
|
||||
# for traffic
|
||||
|
@ -242,6 +244,15 @@ http {
|
|||
return onion2dns(ngx.var.http_origin)
|
||||
}
|
||||
proxy_set_header Origin $origin2;
|
||||
|
||||
%%IF %SUPPRESS_METHODS_EXCEPT_GET%
|
||||
# suppress non-GET methods (e.g.: POST)
|
||||
limit_except GET {
|
||||
deny all;
|
||||
}
|
||||
%%ELSE
|
||||
# non-GET methods (e.g.: POST) are not suppressed
|
||||
%%ENDIF
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Ładowanie…
Reference in New Issue