Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Léo-Paul Géneau
slapos
Commits
6c80353c
Commit
6c80353c
authored
Jun 14, 2018
by
Łukasz Nowak
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
caddy-frontend: Avoid implementation of wrong feature
Removing 'secure' from cookie send by backend is plain wrong.
parent
949ccb69
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
1 addition
and
9 deletions
+1
-9
software/caddy-frontend/README.caddy_frontend.rst
software/caddy-frontend/README.caddy_frontend.rst
+0
-5
software/caddy-frontend/buildout.hash.cfg
software/caddy-frontend/buildout.hash.cfg
+1
-1
software/caddy-frontend/templates/default-virtualhost.conf.in
...ware/caddy-frontend/templates/default-virtualhost.conf.in
+0
-3
No files found.
software/caddy-frontend/README.caddy_frontend.rst
View file @
6c80353c
...
@@ -355,9 +355,6 @@ Request slave frontend instance so that https://[1:2:3:4:5:6:7:8]:1234 will be::
...
@@ -355,9 +355,6 @@ Request slave frontend instance so that https://[1:2:3:4:5:6:7:8]:1234 will be::
ProxyTimeout 600
ProxyTimeout 600
RewriteEngine On
RewriteEngine On
# Remove "Secure" from cookies, as backend may be https
Header edit Set-Cookie "(?i)^(.+);secure$" "$1"
# Not using HTTPS? Ask that guy over there.
# Not using HTTPS? Ask that guy over there.
# Dummy redirection to https. Note: will work only if https listens
# Dummy redirection to https. Note: will work only if https listens
# on standard port (443).
# on standard port (443).
...
@@ -432,8 +429,6 @@ the proxy::
...
@@ -432,8 +429,6 @@ the proxy::
LogLevel info
LogLevel info
LogFormat "%%h %%l %%{REMOTE_USER}i %%t \"%%r\" %%>s %%b \"%%{Referer}i\" \"%%{User-Agent}i\" %%D" combined
LogFormat "%%h %%l %%{REMOTE_USER}i %%t \"%%r\" %%>s %%b \"%%{Referer}i\" \"%%{User-Agent}i\" %%D" combined
CustomLog "%(access_log)s" combined
CustomLog "%(access_log)s" combined
# Remove "Secure" from cookies, as backend may be https
Header edit Set-Cookie "(?i)^(.+);secure$" "$1"
# Not using HTTPS? Ask that guy over there.
# Not using HTTPS? Ask that guy over there.
# Dummy redirection to https. Note: will work only if https listens
# Dummy redirection to https. Note: will work only if https listens
# on standard port (443).
# on standard port (443).
...
...
software/caddy-frontend/buildout.hash.cfg
View file @
6c80353c
...
@@ -50,7 +50,7 @@ md5sum = f20d6c3d2d94fb685f8d26dfca1e822b
...
@@ -50,7 +50,7 @@ md5sum = f20d6c3d2d94fb685f8d26dfca1e822b
[template-default-slave-virtualhost]
[template-default-slave-virtualhost]
filename = templates/default-virtualhost.conf.in
filename = templates/default-virtualhost.conf.in
md5sum =
113d1708520bca2ebbd72d84b440c37b
md5sum =
9568465d1c1423343f7b043c8345f917
[template-cached-slave-virtualhost]
[template-cached-slave-virtualhost]
filename = templates/cached-virtualhost.conf.in
filename = templates/cached-virtualhost.conf.in
...
...
software/caddy-frontend/templates/default-virtualhost.conf.in
View file @
6c80353c
...
@@ -129,9 +129,6 @@
...
@@ -129,9 +129,6 @@
log / {{ slave_parameter.get('access_log') }} "{remote} {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}"
log / {{ slave_parameter.get('access_log') }} "{remote} {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}"
errors {{ slave_parameter.get('error_log') }}
errors {{ slave_parameter.get('error_log') }}
# TODO-Caddy # Remove "Secure" from cookies, as backend may be https
# TODO-Caddy Header edit Set-Cookie "(?i)^(.+);secure$" "$1"
{%- for disabled_cookie in disabled_cookie_list %}
{%- for disabled_cookie in disabled_cookie_list %}
# TODO-Caddy {{' RequestHeader edit Cookie "(^%(disabled_cookie)s=[^;]*; |; %(disabled_cookie)s=[^;]*|^%(disabled_cookie)s=[^;]*$)" ""' % dict(disabled_cookie=disabled_cookie) }}
# TODO-Caddy {{' RequestHeader edit Cookie "(^%(disabled_cookie)s=[^;]*; |; %(disabled_cookie)s=[^;]*|^%(disabled_cookie)s=[^;]*$)" ""' % dict(disabled_cookie=disabled_cookie) }}
{% endfor -%}
{% endfor -%}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment