Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code

Side by Side Diff: modules/web/templates/adblockplus.org.conf.erb

Issue 5649911861215232: Issue 2301 - Fix bogus escaping in previous commit (Closed)
Patch Set: Created April 16, 2015, 12:19 p.m.
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 # XSS and clickjacking prevention headers 1 # XSS and clickjacking prevention headers
2 2
3 set $csp_frame ""; 3 set $csp_frame "";
4 if ($uri ~ ^/(:?\w\w(_\w\w)?/)?(?:index|firefox|chrome|opera|android|internet-ex plorer|safari|yandex-browser|maxthon)?$) 4 if ($uri ~ ^/(:?\w\w(_\w\w)?/)?(?:index|firefox|chrome|opera|android|internet-ex plorer|safari|yandex-browser|maxthon)?$)
5 { 5 {
6 set $csp_frame "; frame-src www.youtube-nocookie.com;"; 6 set $csp_frame "; frame-src www.youtube-nocookie.com;";
7 } 7 }
8 add_header Content-Security-Policy "default-src \'self\'; img-src * data:; style -src \'self\' \'unsafe-inline\'; script-src \'self\' \'unsafe-inline\' \'unsafe- eval\' $csp_frame"; 8 add_header Content-Security-Policy "default-src 'self'; img-src * data:; style-s rc 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' $csp_ frame";
9 add_header X-Frame-Options "sameorigin"; 9 add_header X-Frame-Options "sameorigin";
10 10
11 # User agent sniffing 11 # User agent sniffing
12 12
13 set $user_agent ""; 13 set $user_agent "";
14 if ($http_user_agent ~ \bGecko/\d+) 14 if ($http_user_agent ~ \bGecko/\d+)
15 { 15 {
16 set $user_agent "firefox"; 16 set $user_agent "firefox";
17 } 17 }
18 if ($http_user_agent ~ \bSafari/\d+) 18 if ($http_user_agent ~ \bSafari/\d+)
(...skipping 30 matching lines...) Expand all
49 } 49 }
50 if ($http_user_agent ~ \bYaBrowser/\d+) 50 if ($http_user_agent ~ \bYaBrowser/\d+)
51 { 51 {
52 set $user_agent "yandex-browser"; 52 set $user_agent "yandex-browser";
53 } 53 }
54 if ($http_user_agent ~ \bMaxthon/\d+) 54 if ($http_user_agent ~ \bMaxthon/\d+)
55 { 55 {
56 set $user_agent "maxthon"; 56 set $user_agent "maxthon";
57 } 57 }
58 58
59 sub_filter \' id="content" class="\' \' id="content" class="ua-$user_agent \'; 59 sub_filter ' id="content" class="' ' id="content" class="ua-$user_agent ';
60 60
61 set $index_page "firefox"; 61 set $index_page "firefox";
62 if ($user_agent != "") 62 if ($user_agent != "")
63 { 63 {
64 set $index_page $user_agent; 64 set $index_page $user_agent;
65 } 65 }
66 66
67 # Various redirects 67 # Various redirects
68 68
69 rewrite ^/(\w\w(_\w\w)?/)?changelog-1.3.1$ /$1\changelog-1.3 permanent; 69 rewrite ^/(\w\w(_\w\w)?/)?changelog-1.3.1$ /$1\changelog-1.3 permanent;
(...skipping 141 matching lines...) Expand 10 before | Expand all | Expand 10 after
211 location /403.html 211 location /403.html
212 { 212 {
213 try_files $uri @proxied; 213 try_files $uri @proxied;
214 } 214 }
215 location @proxied 215 location @proxied
216 { 216 {
217 proxy_pass https://server_16.adblockplus.org; 217 proxy_pass https://server_16.adblockplus.org;
218 proxy_set_header Host adblockplus.org; 218 proxy_set_header Host adblockplus.org;
219 proxy_redirect https://adblockplus.org/ https://$host/; 219 proxy_redirect https://adblockplus.org/ https://$host/;
220 } 220 }
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld