Patched CVE-2019-11043
This commit is contained in:
parent
57bde7e21f
commit
b9f4dee100
|
@ -56,6 +56,7 @@ http {
|
||||||
add_header X-Download-Options noopen;
|
add_header X-Download-Options noopen;
|
||||||
add_header X-Permitted-Cross-Domain-Policies none;
|
add_header X-Permitted-Cross-Domain-Policies none;
|
||||||
add_header Referrer-Policy no-referrer always;
|
add_header Referrer-Policy no-referrer always;
|
||||||
|
add_header X-Frame-Options "SAMEORIGIN";
|
||||||
|
|
||||||
root /var/www/html;
|
root /var/www/html;
|
||||||
|
|
||||||
|
@ -95,7 +96,7 @@ http {
|
||||||
#pagespeed off;
|
#pagespeed off;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
rewrite ^ /index.php$uri;
|
rewrite ^ /index.php;
|
||||||
}
|
}
|
||||||
|
|
||||||
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
|
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
|
||||||
|
@ -108,6 +109,7 @@ http {
|
||||||
location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {
|
location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {
|
||||||
fastcgi_split_path_info ^(.+\.php)(/.*)$;
|
fastcgi_split_path_info ^(.+\.php)(/.*)$;
|
||||||
include fastcgi_params;
|
include fastcgi_params;
|
||||||
|
try_files $fastcgi_script_name =404;
|
||||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||||
fastcgi_param PATH_INFO $fastcgi_path_info;
|
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||||||
# fastcgi_param HTTPS on;
|
# fastcgi_param HTTPS on;
|
||||||
|
|
Loading…
Reference in New Issue
Block a user