Don't allow cryptpad registrations plus no content security policy
csp causes things to fail
This commit is contained in:
parent
08b465af6a
commit
01ce3b7457
|
@ -376,6 +376,10 @@ function install_cryptpad_main {
|
|||
echo ' try_files $uri =404;' >> $cryptpad_nginx_site
|
||||
echo ' }' >> $cryptpad_nginx_site
|
||||
echo '' >> $cryptpad_nginx_site
|
||||
echo ' location ^~ /register/ {' >> $cryptpad_nginx_site
|
||||
echo ' try_files $uri =404;' >> $cryptpad_nginx_site
|
||||
echo ' }' >> $cryptpad_nginx_site
|
||||
echo '' >> $cryptpad_nginx_site
|
||||
echo ' location ~ ^/(register|login|settings|user|pad|drive|poll|slide|code|whiteboard|file|media)$ {' >> $cryptpad_nginx_site
|
||||
echo ' rewrite ^(.*)$ $1/ redirect;' >> $cryptpad_nginx_site
|
||||
echo ' }' >> $cryptpad_nginx_site
|
||||
|
@ -406,8 +410,6 @@ function install_cryptpad_main {
|
|||
echo " set \$scriptSrc \"'self' 'unsafe-eval' 'unsafe-inline'\";" >> $cryptpad_nginx_site
|
||||
echo ' }' >> $cryptpad_nginx_site
|
||||
echo '' >> $cryptpad_nginx_site
|
||||
echo " add_header Content-Security-Policy \"default-src http:; script-src http: 'unsafe-inline'; style-src http: 'unsafe-inline'; img-src data: * blob: font-src self\";" >> $cryptpad_nginx_site
|
||||
echo '' >> $cryptpad_nginx_site
|
||||
echo ' location = /cryptpad_websocket {' >> $cryptpad_nginx_site
|
||||
echo " proxy_pass http://localhost:$CRYPTPAD_PORT;" >> $cryptpad_nginx_site
|
||||
echo ' proxy_set_header X-Real-IP $remote_addr;' >> $cryptpad_nginx_site
|
||||
|
@ -437,6 +439,10 @@ function install_cryptpad_main {
|
|||
echo ' try_files $uri =404;' >> $cryptpad_nginx_site
|
||||
echo ' }' >> $cryptpad_nginx_site
|
||||
echo '' >> $cryptpad_nginx_site
|
||||
echo ' location ^~ /register/ {' >> $cryptpad_nginx_site
|
||||
echo ' try_files $uri =404;' >> $cryptpad_nginx_site
|
||||
echo ' }' >> $cryptpad_nginx_site
|
||||
echo '' >> $cryptpad_nginx_site
|
||||
echo ' location ~ ^/(register|login|settings|user|pad|drive|poll|slide|code|whiteboard|file|media)$ {' >> $cryptpad_nginx_site
|
||||
echo ' rewrite ^(.*)$ $1/ redirect;' >> $cryptpad_nginx_site
|
||||
echo ' }' >> $cryptpad_nginx_site
|
||||
|
@ -445,7 +451,7 @@ function install_cryptpad_main {
|
|||
echo '}' >> $cryptpad_nginx_site
|
||||
|
||||
sed -i 's|DENY;|SAMEORIGIN;|g' $cryptpad_nginx_site
|
||||
sed -i "s|Content-Security-Policy.*|Content-Security-Policy \"default-src http:; script-src http: 'unsafe-inline'; style-src http: 'unsafe-inline'; img-src data: * blob: font-src self\";|g" $cryptpad_nginx_site
|
||||
sed -i "/Content-Security-Policy/d" $cryptpad_nginx_site
|
||||
|
||||
function_check create_site_certificate
|
||||
create_site_certificate $CRYPTPAD_DOMAIN_NAME 'yes'
|
||||
|
|
Loading…
Reference in New Issue