yflory
|
d6a60075cd
|
Fix DrawIO hash
|
2023-10-03 11:40:55 +02:00 |
|
Mathilde Grünig
|
57dda59c4d
|
change NodeJS path to match new recommended installation method
|
2023-09-18 11:52:26 +02:00 |
|
Mathilde Grünig
|
87dc6e66d4
|
replace tabs by spaces, not rendered properly by GitHub
|
2023-09-05 13:22:15 +02:00 |
|
Mathilde Grünig
|
53f53d1a7e
|
fix two little header issues in Nginx advanced example
|
2023-09-05 13:21:16 +02:00 |
|
Mathilde Grünig
|
c756909a89
|
add new default Nginx example config file
|
2023-09-05 13:19:25 +02:00 |
|
Mathilde Grünig
|
bccfb28ac9
|
move old default Nginx example config to advanced file
|
2023-09-05 13:17:12 +02:00 |
|
Wolfgang Ginolas
|
a3772cf92c
|
Fix typo in example.nginx.conf
|
2023-08-10 16:00:46 +02:00 |
|
yflory
|
dc6bbec19f
|
Recovery page trailing slash redirect in nginx conf #1143
|
2023-07-18 17:35:18 +02:00 |
|
yflory
|
8b1aaaa9a7
|
Add missing trailing slash redirect for the diagram app
|
2023-07-13 11:12:31 +02:00 |
|
yflory
|
c10fc37645
|
Merge branch 'totp-ui' into 5.4-rc
|
2023-07-11 10:30:36 +02:00 |
|
yflory
|
b2788744de
|
Merge branch 'drawio-bower' into 5.4-rc
|
2023-06-30 12:45:54 +02:00 |
|
Wolfgang Ginolas
|
00af2c3efb
|
Update example nginx config for diagram
|
2023-06-29 11:22:41 +02:00 |
|
Mathilde Grünig
|
f5fb24031e
|
replace xwiki-labs by cryptpad
|
2023-05-16 14:54:39 +02:00 |
|
ansuz
|
bf548c1022
|
updated nginx config for new API server features
|
2023-05-11 17:06:46 +05:30 |
|
ansuz
|
493bf1346c
|
Merge tag '5.3.0' into 5.3-auth
|
2023-05-06 15:26:21 +05:30 |
|
ansuz
|
c27ff40db1
|
proxy requests for blocks to the API server
|
2023-05-06 14:41:22 +05:30 |
|
David Benque
|
d585d17359
|
Merge pull request #1004 from xwiki-labs/embedding-difficulty
invert NGINX settings to forbid remote embedding by default
|
2023-04-25 11:43:59 +01:00 |
|
Mathilde Grünig
|
166c20e081
|
add two lines explanation on hardening
|
2023-03-30 13:29:43 +02:00 |
|
Mathilde Grünig
|
2cd56842ec
|
add various systemd hardening directives
|
2023-03-30 10:17:19 +02:00 |
|
Mathilde Grünig
|
e80b6c2127
|
remove deprecated syslog parameters, now handled by journald
|
2023-03-30 10:16:18 +02:00 |
|
Mathilde Grünig
|
5df480b9f3
|
update latest stable Node version
|
2023-03-30 10:15:50 +02:00 |
|
ansuz
|
ee5d270d6a
|
Merge branch 'basic-auth' into authentication
|
2023-03-20 13:44:10 +05:30 |
|
ansuz
|
50c84949c8
|
invert NGINX settings to forbid remote embedding by default
|
2023-02-13 12:47:18 +05:30 |
|
Mathilde Grünig
|
0d7f1509b6
|
Add FreeBSD rc.d init script
|
2023-02-03 08:25:17 +01:00 |
|
Ente
|
c9fd6359aa
|
Send HTTP credentials when fetching blobs
With this change media-tag now sends HTTP credentials when fetching
blobs. Also changed the example nginx config to send
Access-Control-Allow-Credentials CORS headers. For this to work, we can
no longer use '*' for Access-Control-Allow-Origin [1][2]: Therefore the
example config was changed to set Access-Control-Allow-Origin to the
sandbox domain only.
Fixes:
- #705: Blob fetch fails with 401 Unauthorized when HTTP basic auth is enabled [3]
Referenes:
[1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
[2]: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS/Errors/CORSNotSupportingCredentials
[3]: https://github.com/xwiki-labs/cryptpad/issues/705
|
2022-12-14 11:27:51 +01:00 |
|
Mathilde Grünig
|
37ccaddbbe
|
2nd thought on HTTP/80, not needed in the end
|
2022-12-07 14:04:00 +01:00 |
|
Mathilde Grünig
|
1b731e2643
|
Add future-proof Nginx configuration
- support IPv6
- 80 to 443 redirect
- TLS generation
- better SSL sessions
- longer HSTS (2 years)
- OCSP stapling
|
2022-12-07 13:56:12 +01:00 |
|
ansuz
|
01cdfa1bbc
|
document yet another way that Safari/webkit is terrible
|
2022-10-05 15:17:07 +05:30 |
|
ansuz
|
8d7973850a
|
slightly smarter caching rules in example NGINX config
|
2022-09-13 18:34:30 +05:30 |
|
ansuz
|
c889823fca
|
fix custom file serving logic for static pages in NGINX
|
2022-09-06 14:36:23 +05:30 |
|
ansuz
|
4d022a2247
|
handle more cases for the cache-control header in NGINX
|
2022-09-06 14:35:13 +05:30 |
|
ansuz
|
aaa6efbbb0
|
better worst-case performance for static files served by NGINX
|
2022-07-22 16:46:02 +05:30 |
|
Maxime Cesson
|
c1adae6d59
|
Complete last commit (add og data to "Drive" and "File", handle missing config, modify nginx example config)
|
2022-07-21 18:44:21 +02:00 |
|
ansuz
|
8adeeb21ec
|
display instance info on the home page
* implements /api/instance
* updates recommended NGINX config
* adds a test on /checkup/
|
2022-05-03 18:20:34 +05:30 |
|
ansuz
|
01b6dd539b
|
add trailing slash if /convert/ is loaded without its trailing slash
|
2022-04-04 20:38:52 +05:30 |
|
ansuz
|
404b89eb28
|
update recommended settings for embedding to permit element desktop
|
2022-04-04 12:31:40 +05:30 |
|
ansuz
|
16b843c2c8
|
set x-content-type-options headers for blob and block in nginx example
|
2022-03-23 15:24:51 +05:30 |
|
ansuz
|
e1abf4ef77
|
nginx updates
|
2022-03-14 18:23:38 +05:30 |
|
ansuz
|
7b14c135b3
|
update example NGINX CSP configuration
|
2022-02-15 15:54:33 +05:30 |
|
ansuz
|
0f46869217
|
WIP update recommended production CSP values
|
2022-02-10 17:11:17 +05:30 |
|
ansuz
|
ae84d99af0
|
update the recommended settings for img-src and media-src
|
2022-01-21 17:48:53 +05:30 |
|
ansuz
|
31c5bba8db
|
update example NGINX config and changelog for 4.12.0
|
2021-10-20 18:42:02 +05:30 |
|
yflory
|
b050f04090
|
Fix CSP errors in oodoc and ooslide
|
2021-10-19 17:09:42 +02:00 |
|
ansuz
|
d2db0066a4
|
update example nginx config to match dev server
|
2021-10-19 17:56:55 +05:30 |
|
ansuz
|
34acded538
|
clarify comment in example nginx config
|
2021-08-27 14:07:23 +05:30 |
|
ansuz
|
f12a276c78
|
correct inconsistent capitalization of 'CryptPad' in markdown files.
Add a rule to the translation linter to detect future inconsistencies.
|
2021-08-13 15:44:11 +05:30 |
|
ansuz
|
3b44c09bc4
|
check COOP headers for multiple endpoints
and improve some error reporting in the checkup RPC
|
2021-07-01 16:42:09 +05:30 |
|
ansuz
|
0978074c74
|
add convert app to example nginx and update changelog
|
2021-06-30 19:31:48 +05:30 |
|
ansuz
|
14483814fd
|
update nginx trailing-slash rewrite for new apps
|
2021-06-15 03:52:54 +05:30 |
|
ansuz
|
32494fca0c
|
let NGINX handle its own headers
|
2021-05-12 14:29:29 +05:30 |
|