Commit 76e96878
Authored Mar 03, 2017 by Paweł Chojnacki
Committed by Marin Jankovski, Mar 03, 2017
Stop setting Strict-Transport-Security header from within the app
Parent: a9a58156
Showing 4 changed files with 31 additions and 4 deletions
app/controllers/application_controller.rb (+0 -4)
changelogs/unreleased/3440-remove-hsts-header.yml (+4 -0)
doc/update/8.17-to-9.0.md (+24 -0)
lib/support/nginx/gitlab-ssl (+3 -0)
app/controllers/application_controller.rb
...
...
@@ -122,10 +122,6 @@ class ApplicationController < ActionController::Base
headers
[
'X-XSS-Protection'
]
=
'1; mode=block'
headers
[
'X-UA-Compatible'
]
=
'IE=edge'
headers
[
'X-Content-Type-Options'
]
=
'nosniff'
# Enabling HSTS for non-standard ports would send clients to the wrong port
if
Gitlab
.
config
.
gitlab
.
https
&&
Gitlab
.
config
.
gitlab
.
port
==
443
headers
[
'Strict-Transport-Security'
]
=
'max-age=31536000'
end
end
def
validate_user_service_ticket!
...
...
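Review bot: The four removed lines in `ApplicationController` (the `Gitlab.config.gitlab.https && Gitlab.config.gitlab.port == 443` block and its comment) were what sent the header by default, so an HTTPS install on port 443 stops sending `Strict-Transport-Security` after this upgrade unless the admin edits the web server configuration, and the replacement line in `lib/support/nginx/gitlab-ssl` is commented out. Browsers that already cached the policy keep it until `max-age` expires, but new clients get none. The update guide should state this as a required action for such installs, and the removed caveat that enabling HSTS on a non-standard port sends clients to the wrong port should be carried over to the nginx template comment so it is not lost.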
changelogs/unreleased/3440-remove-hsts-header.yml
0 → 100644
---
title
:
Stop setting Strict-Transport-Securty header from within the app
merge_request
:
author
:
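Review bot: The `title` value misspells the header name as `Strict-Transport-Securty`; it should read `Strict-Transport-Security`, since anyone searching the changelog for the header name will miss this entry. `merge_request` and `author` are also left empty, so fill in `merge_request` with the MR number so the entry links back to the discussion of this behaviour change.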
doc/update/8.17-to-9.0.md
0 → 100644
#### Nginx configuration
Ensure you're still up-to-date with the latest NGINX configuration changes:
```
sh
cd
/home/git/gitlab
# For HTTPS configurations
git diff origin/8-17-stable:lib/support/nginx/gitlab-ssl origin/9-0-stable:lib/support/nginx/gitlab-ssl
# For HTTP configurations
git diff origin/8-17-stable:lib/support/nginx/gitlab origin/9-0-stable:lib/support/nginx/gitlab
```
If you are using Strict-Transport-Security in your installation to continue using it you must enable it in your Nginx
configuration as GitLab application no longer handles setting it.
If you are using Apache instead of NGINX please see the updated [Apache templates].
Also note that because Apache does not support upstreams behind Unix sockets you
will need to let gitlab-workhorse listen on a TCP port. You can do this
via [/etc/default/gitlab].
[
Apache templates
]:
https://gitlab.com/gitlab-org/gitlab-recipes/tree/master/web-server/apache
[
/etc/default/gitlab
]:
https://gitlab.com/gitlab-org/gitlab-ce/blob/9-0-stable/lib/support/init.d/gitlab.default.example#L38
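Review bot: The `Strict-Transport-Security` paragraph says the header must be enabled in the Nginx configuration but does not say how, and it drops the condition the application used to enforce. Point readers at the commented `add_header Strict-Transport-Security` line added to `lib/support/nginx/gitlab-ssl`, say that the removed application code only sent the header for HTTPS on port 443, and mention that Apache users need the equivalent change, since the Apache paragraph that follows does not cover HSTS. The sentence also needs a comma after "installation", and the section mixes "Nginx" and "NGINX".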
lib/support/nginx/gitlab-ssl
...
...
@@ -82,6 +82,9 @@ server {
##
# ssl_dhparam /etc/ssl/certs/dhparam.pem;
## [Optional] Enable HTTP Strict Transport Security
# add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
## Individual nginx logs for this GitLab vhost
access_log /var/log/nginx/gitlab_access.log;
error_log /var/log/nginx/gitlab_error.log;
...
...
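Review bot: The commented example `add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";` is broader than what the application sent, which was `max-age=31536000` only. An admin who uncomments it to restore the previous behaviour also forces HTTPS on every subdomain of the GitLab host name, including hosts this vhost does not serve. Suggest making the example match the previous value and describing `includeSubDomains` as a separate opt-in. Also consider appending `always`, since without it nginx adds the header only to responses with a fixed set of success and redirect status codes.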