OLD | NEW |
1 # XSS and clickjacking prevention headers | 1 # XSS and clickjacking prevention headers |
2 | 2 |
3 set $csp_frame ""; | 3 set $csp_frame ""; |
4 if ($uri ~ ^/(:?\w\w(_\w\w)?/)?(?:index|firefox|chrome|opera|android|internet-ex
plorer|safari|yandex-browser|maxthon)?$) | 4 if ($uri ~ ^/(:?\w\w(_\w\w)?/)?(?:index|firefox|chrome|opera|android|internet-ex
plorer|safari|yandex-browser|maxthon)?$) |
5 { | 5 { |
6 set $csp_frame "; frame-src www.youtube-nocookie.com;"; | 6 set $csp_frame "; frame-src www.youtube-nocookie.com;"; |
7 } | 7 } |
8 add_header Content-Security-Policy "default-src 'self'; img-src * data:; style-s
rc 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' $csp_
frame"; | 8 add_header Content-Security-Policy "default-src 'self'; img-src * data:; style-s
rc 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' $csp_
frame"; |
9 add_header X-Frame-Options "sameorigin"; | 9 add_header X-Frame-Options "sameorigin"; |
10 | 10 |
(...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
84 rewrite ^/update.rdf$ https://update.adblockplus.org/gecko/update.rdf permanent; | 84 rewrite ^/update.rdf$ https://update.adblockplus.org/gecko/update.rdf permanent; |
85 rewrite ^/updates.plist$ https://update.adblockplus.org/adblockplussafari/update
s.plist permanent; | 85 rewrite ^/updates.plist$ https://update.adblockplus.org/adblockplussafari/update
s.plist permanent; |
86 rewrite ^/androidupdate.json$ https://update.adblockplus.org/adblockplusandroid/
update.json permanent; | 86 rewrite ^/androidupdate.json$ https://update.adblockplus.org/adblockplusandroid/
update.json permanent; |
87 rewrite ^/androidupdates.xml$ https://update.adblockplus.org/adblockplusandroid/
updates.xml permanent; | 87 rewrite ^/androidupdates.xml$ https://update.adblockplus.org/adblockplusandroid/
updates.xml permanent; |
88 rewrite ^/ieupdate.json$ https://update.adblockplus.org/adblockplusie/update.jso
n permanent; | 88 rewrite ^/ieupdate.json$ https://update.adblockplus.org/adblockplusie/update.jso
n permanent; |
89 | 89 |
90 rewrite ^/(\w\w(_\w\w)?/)?adblock-browser/?$ https://adblockbrowser.org/ permane
nt; | 90 rewrite ^/(\w\w(_\w\w)?/)?adblock-browser/?$ https://adblockbrowser.org/ permane
nt; |
91 | 91 |
92 location /redirect | 92 location /redirect |
93 { | 93 { |
| 94 set $adblock_browser_android_download "https://downloads.adblockplus.org/adblo
ckbrowser-1.0.0-arm.apk"; |
| 95 set $adblock_browser_android_store "https://play.google.com/store/apps/details
?id=org.adblockplus.browser"; |
| 96 |
| 97 # Google Play is not available in China, so we redirect them to the |
| 98 # builds for download, see https://issues.adblockplus.org/ticket/3094 |
| 99 if ($geoip_country_code = 'CN') |
| 100 { |
| 101 set $adblock_browser_android_store $adblock_browser_android_download; |
| 102 } |
| 103 |
94 if ($arg_link = "reporter_connect_issue") | 104 if ($arg_link = "reporter_connect_issue") |
95 { | 105 { |
96 rewrite ^ /forum/? redirect; | 106 rewrite ^ /forum/? redirect; |
97 } | 107 } |
98 if ($arg_link = "reporter_other_link") | 108 if ($arg_link = "reporter_other_link") |
99 { | 109 { |
100 rewrite ^ /forum/? redirect; | 110 rewrite ^ /forum/? redirect; |
101 } | 111 } |
102 if ($arg_link = "chrome_support") | 112 if ($arg_link = "chrome_support") |
103 { | 113 { |
(...skipping 22 matching lines...) Expand all Loading... |
126 if ($arg_link = "adblock_browser_android_support") | 136 if ($arg_link = "adblock_browser_android_support") |
127 { | 137 { |
128 rewrite ^ https://adblockbrowser.org/en/android-support/? redirect; | 138 rewrite ^ https://adblockbrowser.org/en/android-support/? redirect; |
129 } | 139 } |
130 if ($arg_link = "adblock_browser_ios_support") | 140 if ($arg_link = "adblock_browser_ios_support") |
131 { | 141 { |
132 rewrite ^ https://adblockbrowser.org/en/ios-support/? redirect; | 142 rewrite ^ https://adblockbrowser.org/en/ios-support/? redirect; |
133 } | 143 } |
134 if ($arg_link = "adblock_browser_android_store") | 144 if ($arg_link = "adblock_browser_android_store") |
135 { | 145 { |
136 rewrite ^ https://play.google.com/store/apps/details?id=org.adblockplus.brow
ser? redirect; | 146 rewrite ^ $adblock_browser_android_store? redirect; |
137 } | 147 } |
138 if ($arg_link = "adblock_browser_ios_store") | 148 if ($arg_link = "adblock_browser_ios_store") |
139 { | 149 { |
140 rewrite ^ https://itunes.apple.com/us/app/adblock-browser/id1015653330?ls=1&
mt=8? redirect; | 150 rewrite ^ https://itunes.apple.com/us/app/adblock-browser/id1015653330?ls=1&
mt=8? redirect; |
141 } | 151 } |
142 if ($arg_link = "adblock_browser_android_download") | 152 if ($arg_link = "adblock_browser_android_download") |
143 { | 153 { |
144 rewrite ^ https://downloads.adblockplus.org/adblockbrowser-1.0.0-arm.apk? re
direct; | 154 rewrite ^ $adblock_browser_android_download? redirect; |
145 } | 155 } |
146 if ($arg_link = "adblock_plus_safari_ios_support") | 156 if ($arg_link = "adblock_plus_safari_ios_support") |
147 { | 157 { |
148 rewrite ^ /forum/viewforum.php?f=26? redirect; | 158 rewrite ^ /forum/viewforum.php?f=26? redirect; |
149 } | 159 } |
150 if ($arg_link = "adblock_plus_safari_ios_store") | 160 if ($arg_link = "adblock_plus_safari_ios_store") |
151 { | 161 { |
152 rewrite ^ https://itunes.apple.com/app/adblock-plus-abp/id1028871868? redire
ct; | 162 rewrite ^ https://itunes.apple.com/app/adblock-plus-abp/id1028871868? redire
ct; |
153 } | 163 } |
154 | 164 |
(...skipping 132 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
287 location /403.html | 297 location /403.html |
288 { | 298 { |
289 try_files $uri @proxied; | 299 try_files $uri @proxied; |
290 } | 300 } |
291 location @proxied | 301 location @proxied |
292 { | 302 { |
293 proxy_pass https://server16.adblockplus.org; | 303 proxy_pass https://server16.adblockplus.org; |
294 proxy_set_header Host adblockplus.org; | 304 proxy_set_header Host adblockplus.org; |
295 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | 305 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
296 } | 306 } |
OLD | NEW |