ansuz
50c84949c8
invert NGINX settings to forbid remote embedding by default
2023-02-13 12:47:18 +05:30
Mathilde Grünig
0d7f1509b6
Add FreeBSD rc.d init script
2023-02-03 08:25:17 +01:00
Ente
c9fd6359aa
Send HTTP credentials when fetching blobs
...
With this change media-tag now sends HTTP credentials when fetching
blobs. Also changed the example nginx config to send
Access-Control-Allow-Credentials CORS headers. For this to work, we can
no longer use '*' for Access-Control-Allow-Origin [1][2]: Therefore the
example config was changed to set Access-Control-Allow-Origin to the
sandbox domain only.
Fixes:
- #705 : Blob fetch fails with 401 Unauthorized when HTTP basic auth is enabled [3]
Referenes:
[1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
[2]: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS/Errors/CORSNotSupportingCredentials
[3]: https://github.com/xwiki-labs/cryptpad/issues/705
2022-12-14 11:27:51 +01:00
Mathilde Grünig
37ccaddbbe
2nd thought on HTTP/80, not needed in the end
2022-12-07 14:04:00 +01:00
Mathilde Grünig
1b731e2643
Add future-proof Nginx configuration
...
- support IPv6
- 80 to 443 redirect
- TLS generation
- better SSL sessions
- longer HSTS (2 years)
- OCSP stapling
2022-12-07 13:56:12 +01:00
ansuz
01cdfa1bbc
document yet another way that Safari/webkit is terrible
2022-10-05 15:17:07 +05:30
ansuz
8d7973850a
slightly smarter caching rules in example NGINX config
2022-09-13 18:34:30 +05:30
ansuz
c889823fca
fix custom file serving logic for static pages in NGINX
2022-09-06 14:36:23 +05:30
ansuz
4d022a2247
handle more cases for the cache-control header in NGINX
2022-09-06 14:35:13 +05:30
ansuz
aaa6efbbb0
better worst-case performance for static files served by NGINX
2022-07-22 16:46:02 +05:30
Maxime Cesson
c1adae6d59
Complete last commit (add og data to "Drive" and "File", handle missing config, modify nginx example config)
2022-07-21 18:44:21 +02:00
ansuz
8adeeb21ec
display instance info on the home page
...
* implements /api/instance
* updates recommended NGINX config
* adds a test on /checkup/
2022-05-03 18:20:34 +05:30
ansuz
01b6dd539b
add trailing slash if /convert/ is loaded without its trailing slash
2022-04-04 20:38:52 +05:30
ansuz
404b89eb28
update recommended settings for embedding to permit element desktop
2022-04-04 12:31:40 +05:30
ansuz
16b843c2c8
set x-content-type-options headers for blob and block in nginx example
2022-03-23 15:24:51 +05:30
ansuz
e1abf4ef77
nginx updates
2022-03-14 18:23:38 +05:30
ansuz
7b14c135b3
update example NGINX CSP configuration
2022-02-15 15:54:33 +05:30
ansuz
0f46869217
WIP update recommended production CSP values
2022-02-10 17:11:17 +05:30
ansuz
ae84d99af0
update the recommended settings for img-src and media-src
2022-01-21 17:48:53 +05:30
ansuz
31c5bba8db
update example NGINX config and changelog for 4.12.0
2021-10-20 18:42:02 +05:30
yflory
b050f04090
Fix CSP errors in oodoc and ooslide
2021-10-19 17:09:42 +02:00
ansuz
d2db0066a4
update example nginx config to match dev server
2021-10-19 17:56:55 +05:30
ansuz
34acded538
clarify comment in example nginx config
2021-08-27 14:07:23 +05:30
ansuz
f12a276c78
correct inconsistent capitalization of 'CryptPad' in markdown files.
...
Add a rule to the translation linter to detect future inconsistencies.
2021-08-13 15:44:11 +05:30
ansuz
3b44c09bc4
check COOP headers for multiple endpoints
...
and improve some error reporting in the checkup RPC
2021-07-01 16:42:09 +05:30
ansuz
0978074c74
add convert app to example nginx and update changelog
2021-06-30 19:31:48 +05:30
ansuz
14483814fd
update nginx trailing-slash rewrite for new apps
2021-06-15 03:52:54 +05:30
ansuz
32494fca0c
let NGINX handle its own headers
2021-05-12 14:29:29 +05:30
yflory
4d5d809447
Opt out of Google's FLoC Network by default
2021-04-22 12:24:05 +02:00
ansuz
49035f3aad
update example nginx config
2021-04-14 10:38:16 +05:30
ansuz
edd46ebdb2
add some admin UI for profiling the server's workers
2021-01-29 11:51:40 +05:30
ansuz
f0b707e54d
move admin-rpc code snippet to docs directory
2021-01-21 17:43:24 +05:30
ansuz
c806b97076
resolve conflicts between rebrand and staging
2020-12-29 17:20:53 +05:30
ansuz
affd221eb7
lint compliance
2020-12-29 17:08:48 +05:30
ansuz
38cfba275a
elaborate on some comments in example config files
2020-12-15 13:37:13 +05:30
yflory
2647acbb78
Expose Content-Length header
2020-12-07 15:42:25 +01:00
Christian Pietsch
bc2387256f
Set reasonable value for $PWD
...
/home/cryptpad/cryptpad/cryptpad seems one cryptpad too many, and it does not match the sample value of WorkingDirectory above
2020-11-05 19:23:08 +01:00
ansuz
aa547a7b76
align nodejs http headers with example nginx
2020-11-03 16:48:31 +05:30
ansuz
d3dd5f991d
proposed nginx configuration to enable XLSX export without disabling print from other apps
2020-11-03 16:48:31 +05:30
ansuz
a2b79d84b8
align nodejs http headers with example nginx
2020-10-27 08:12:23 +05:30
ansuz
a8f53d04fc
proposed nginx configuration to enable XLSX export without disabling print from other apps
2020-10-26 17:24:35 +05:30
ansuz
8c980df660
tell clients not to cache their outer html
2020-10-21 13:11:29 +05:30
ansuz
cfcfe2f65f
enable APIs for XLSX export in firefox
2020-10-07 14:47:43 +05:30
ansuz
737c42b447
update nginx.example.conf for latest rich text CSP
2020-06-29 16:51:58 -04:00
Adrian Nöthlich
68e33bb902
Remove docker related files
...
Signed-off-by: Adrian Nöthlich <git@promasu.tech>
2020-05-05 03:42:44 +02:00
ansuz
09bf0a54d8
add access control header
2020-04-09 16:30:22 -04:00
ansuz
54420109ac
update the open file limit in the example systemd service file
2020-03-16 12:32:45 -04:00
ansuz
ecce654ca6
add 'resource:' to script-src to enable shared-worker debugging in firefox
2020-02-17 12:48:10 -05:00
ansuz
1fc8c1de16
add missing connect-src directives to example nginx conf
2020-02-17 08:48:15 -05:00
ansuz
1be01c07ee
fix bad copypaste in the example nginx file
2020-02-10 13:04:58 -05:00
ansuz
95a2742b7a
add an example systemd service file
2020-01-21 14:08:26 -05:00
ansuz
47d9c4daeb
update onlyoffice detection to support sheet migration
2020-01-21 14:07:46 -05:00
ansuz
1b3c2a43bf
remove wss from connecSrc in example nginx config
2020-01-06 15:22:55 -05:00
ansuz
32bdfacd92
fix incorrectly pasted line
2020-01-04 11:56:09 -05:00
ansuz
75925b6ceb
fix blob support in example config
2020-01-04 01:39:37 -05:00
ansuz
80f3175a0e
simplify cipher list, better dhparams
2019-12-27 13:05:02 -05:00
ansuz
7c9b53695b
add a bunch of comments to all the mysterious sections of the nginx example config
...
also remove a large, complicated, unnecessary section
2019-12-26 18:23:52 -05:00
ansuz
c56815fa3b
WIP nginx config refactor
2019-12-05 19:41:45 -05:00
yflory
a297336746
Fix broken link in cryptpad-docker.md
2019-11-19 14:01:56 +01:00
ansuz
d4e5b98c14
update nginx config to add trailing slashes to new apps
2019-10-01 13:23:38 +02:00
Florian Knodt
7cd4df3e7f
cryptpad-docker: Missing \
2019-05-09 13:54:11 +02:00
ansuz
1853566b1a
serve datastore over the webserver in the example nginx config
2019-04-12 17:17:54 +02:00
Ludovic Dubost
9403d994f5
Add port 3001 to docker port mapping
2019-02-14 12:24:13 +01:00
ansuz
5175ed10c5
update example nginx config for spreadsheets
2019-01-29 11:56:55 +01:00
Adrian Nöthlich
3f9ae30b52
Made CSP syntax in nginx example conf valid
...
Made CSP syntax valid. There were arguments for e.g. blob: oder data: missing
2019-01-07 15:12:46 +01:00
interfect
b817ac1511
Improve Docker documentation in the repo
...
Now it will link to the wiki too.
2018-12-15 10:20:03 -08:00
ansuz
7004f26730
update documentation
2018-07-18 16:01:27 +02:00
ansuz
2c56972be6
update changelog and example nginx config
2018-06-27 15:03:38 +02:00
Caleb James DeLisle
3c2d61ff42
Add to the nginx documentation the location datastore block
2018-04-13 18:14:01 +02:00
Falgn0n
f362aac246
Update example.nginx.conf
...
Updated the location block for "/api/config" to point directly to the node.js server @ localhost:3000
2017-12-24 12:13:28 +02:00
Thomas Gläßle
405526cfa5
Properly escape sed replace expressions
...
This fixes an error during container startup due to interpolating a
$STORAGE value that may contain slashes or other "active" characters:
...
Using secure websockets: false
Using storage adapter: ./storage/file
sed: bad option in substitution expression
Also add a trailing ',' in the search expression to avoid substituting
in the comment above the actual definition:
/* If Cryptpad is proxied without using https, the server needs to know.
* Specify 'useSecureWebsockets: true' so that it can send
...
2017-08-10 10:35:38 +02:00
ansuz
f9023185c1
move documentation into docs folder
2017-05-31 10:10:33 +02:00