OLD | NEW |
1 # XSS and clickjacking prevention headers | 1 # XSS and clickjacking prevention headers |
2 | 2 |
3 set $csp_frame ""; | 3 set $csp_frame ""; |
4 if ($uri ~ ^/(:?\w\w(_\w\w)?/)?(?:index|firefox|chrome|opera|android|internet-ex
plorer|safari|yandex-browser|maxthon)?$) | 4 if ($uri ~ ^/(:?\w\w(_\w\w)?/)?(?:index|firefox|chrome|opera|android|internet-ex
plorer|safari|yandex-browser|maxthon)?$) |
5 { | 5 { |
6 set $csp_frame "; frame-src www.youtube-nocookie.com;"; | 6 set $csp_frame "; frame-src www.youtube-nocookie.com;"; |
7 } | 7 } |
8 add_header Content-Security-Policy "default-src 'self'; img-src * data:; style-s
rc 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' $csp_
frame"; | 8 add_header Content-Security-Policy "default-src 'self'; img-src * data:; style-s
rc 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' $csp_
frame"; |
9 add_header X-Frame-Options "sameorigin"; | 9 add_header X-Frame-Options "sameorigin"; |
10 | 10 |
(...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
50 if ($http_user_agent ~ \bYaBrowser/\d+) | 50 if ($http_user_agent ~ \bYaBrowser/\d+) |
51 { | 51 { |
52 set $user_agent "yandex-browser"; | 52 set $user_agent "yandex-browser"; |
53 } | 53 } |
54 if ($http_user_agent ~ \bMaxthon/\d+) | 54 if ($http_user_agent ~ \bMaxthon/\d+) |
55 { | 55 { |
56 set $user_agent "maxthon"; | 56 set $user_agent "maxthon"; |
57 } | 57 } |
58 | 58 |
59 sub_filter ' id="content" class="' ' id="content" class="ua-$user_agent '; | 59 sub_filter ' id="content" class="' ' id="content" class="ua-$user_agent '; |
| 60 sub_filter_last_modified on; |
60 | 61 |
61 set $index_page "firefox"; | 62 set $index_page "firefox"; |
62 if ($user_agent != "") | 63 if ($user_agent != "") |
63 { | 64 { |
64 set $index_page $user_agent; | 65 set $index_page $user_agent; |
65 } | 66 } |
66 | 67 |
67 # Various redirects | 68 # Various redirects |
68 | 69 |
69 rewrite ^/(\w\w(_\w\w)?/)?changelog-1.3.1$ /$1\changelog-1.3 permanent; | 70 rewrite ^/(\w\w(_\w\w)?/)?changelog-1.3.1$ /$1\changelog-1.3 permanent; |
(...skipping 144 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
214 } | 215 } |
215 location @proxied | 216 location @proxied |
216 { | 217 { |
217 proxy_pass https://server_16.adblockplus.org; | 218 proxy_pass https://server_16.adblockplus.org; |
218 proxy_set_header Host adblockplus.org; | 219 proxy_set_header Host adblockplus.org; |
219 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | 220 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
220 proxy_redirect https://adblockplus.org/ https://$host/; | 221 proxy_redirect https://adblockplus.org/ https://$host/; |
221 sub_filter_once off; | 222 sub_filter_once off; |
222 sub_filter https://adblockplus.org/ https://$host/; | 223 sub_filter https://adblockplus.org/ https://$host/; |
223 } | 224 } |
OLD | NEW |