OLD | NEW |
1 # XSS and clickjacking prevention headers | 1 # XSS and clickjacking prevention headers |
2 | 2 |
3 set $csp_frame ""; | 3 set $csp_frame ""; |
4 if ($uri ~ ^/(:?\w\w(_\w\w)?/)?(?:index|firefox|chrome|opera|android|internet-ex
plorer|safari|yandex-browser|maxthon)?$) | 4 if ($uri ~ ^/(:?\w\w(_\w\w)?/)?(?:index|firefox|chrome|opera|android|internet-ex
plorer|safari|yandex-browser|maxthon)?$) |
5 { | 5 { |
6 set $csp_frame "; frame-src www.youtube-nocookie.com;"; | 6 set $csp_frame "; frame-src www.youtube-nocookie.com;"; |
7 } | 7 } |
8 add_header Content-Security-Policy "default-src \'self\'; img-src * data:; style
-src \'self\' \'unsafe-inline\'; script-src \'self\' \'unsafe-inline\' \'unsafe-
eval\' $csp_frame"; | 8 add_header Content-Security-Policy "default-src 'self'; img-src * data:; style-s
rc 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' $csp_
frame"; |
9 add_header X-Frame-Options "sameorigin"; | 9 add_header X-Frame-Options "sameorigin"; |
10 | 10 |
11 # User agent sniffing | 11 # User agent sniffing |
12 | 12 |
13 set $user_agent ""; | 13 set $user_agent ""; |
14 if ($http_user_agent ~ \bGecko/\d+) | 14 if ($http_user_agent ~ \bGecko/\d+) |
15 { | 15 { |
16 set $user_agent "firefox"; | 16 set $user_agent "firefox"; |
17 } | 17 } |
18 if ($http_user_agent ~ \bSafari/\d+) | 18 if ($http_user_agent ~ \bSafari/\d+) |
(...skipping 30 matching lines...) Expand all Loading... |
49 } | 49 } |
50 if ($http_user_agent ~ \bYaBrowser/\d+) | 50 if ($http_user_agent ~ \bYaBrowser/\d+) |
51 { | 51 { |
52 set $user_agent "yandex-browser"; | 52 set $user_agent "yandex-browser"; |
53 } | 53 } |
54 if ($http_user_agent ~ \bMaxthon/\d+) | 54 if ($http_user_agent ~ \bMaxthon/\d+) |
55 { | 55 { |
56 set $user_agent "maxthon"; | 56 set $user_agent "maxthon"; |
57 } | 57 } |
58 | 58 |
59 sub_filter \' id="content" class="\' \' id="content" class="ua-$user_agent \'; | 59 sub_filter ' id="content" class="' ' id="content" class="ua-$user_agent '; |
60 | 60 |
61 set $index_page "firefox"; | 61 set $index_page "firefox"; |
62 if ($user_agent != "") | 62 if ($user_agent != "") |
63 { | 63 { |
64 set $index_page $user_agent; | 64 set $index_page $user_agent; |
65 } | 65 } |
66 | 66 |
67 # Various redirects | 67 # Various redirects |
68 | 68 |
69 rewrite ^/(\w\w(_\w\w)?/)?changelog-1.3.1$ /$1\changelog-1.3 permanent; | 69 rewrite ^/(\w\w(_\w\w)?/)?changelog-1.3.1$ /$1\changelog-1.3 permanent; |
(...skipping 141 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
211 location /403.html | 211 location /403.html |
212 { | 212 { |
213 try_files $uri @proxied; | 213 try_files $uri @proxied; |
214 } | 214 } |
215 location @proxied | 215 location @proxied |
216 { | 216 { |
217 proxy_pass https://server_16.adblockplus.org; | 217 proxy_pass https://server_16.adblockplus.org; |
218 proxy_set_header Host adblockplus.org; | 218 proxy_set_header Host adblockplus.org; |
219 proxy_redirect https://adblockplus.org/ https://$host/; | 219 proxy_redirect https://adblockplus.org/ https://$host/; |
220 } | 220 } |
OLD | NEW |