From 4a40f258a2b52f4c096b37e239ef8f390ab46aba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C3=A9o=20Colombaro?= Date: Tue, 29 Jun 2021 00:43:34 +0200 Subject: [PATCH] Use latest server-configs-test and align requirements --- .github/workflows/server.yml | 4 ++-- h5bp/location/web_performance_svgz-compression.conf | 2 ++ nginx.conf | 6 +++--- test/vhosts/server.localhost.conf | 2 ++ 4 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.github/workflows/server.yml b/.github/workflows/server.yml index 08ec675..546fc49 100644 --- a/.github/workflows/server.yml +++ b/.github/workflows/server.yml @@ -22,7 +22,7 @@ jobs: - uses: actions/checkout@v2.3.4 - name: Test with server-configs-test - uses: h5bp/server-configs-test@4.0.2 + uses: h5bp/server-configs-test@5.0.0 with: command: test server: nginx @@ -32,7 +32,7 @@ jobs: tests: basic-file-access;caching;cache-busting;custom-errors;forbidden-files;precompressed-files-gzip;rewrites;ssl - name: Benchmark - uses: h5bp/server-configs-test@4.0.2 + uses: h5bp/server-configs-test@5.0.0 with: command: benchmark server: nginx diff --git a/h5bp/location/web_performance_svgz-compression.conf b/h5bp/location/web_performance_svgz-compression.conf index 4b54316..4e4143c 100644 --- a/h5bp/location/web_performance_svgz-compression.conf +++ b/h5bp/location/web_performance_svgz-compression.conf @@ -12,5 +12,7 @@ location ~* \.svgz$ { include h5bp/security/x-content-type-options.conf; include h5bp/security/content-security-policy.conf; include h5bp/security/referrer-policy.conf; + include h5bp/security/permissions-policy.conf; + include h5bp/security/cross-origin-policy.conf; include h5bp/cross-origin/requests.conf; } diff --git a/nginx.conf b/nginx.conf index 157cd5f..6d29359 100644 --- a/nginx.conf +++ b/nginx.conf @@ -124,15 +124,15 @@ http { # h5bp/security/cross-origin-policy.conf # Cross-Origin-Embedder-Policy map $sent_http_content_type $coep_policy { - ~*text/(css|html|javascript)|application\/pdf|xml "require-corp"; + ~*text/(html|javascript)|application/pdf|xml "require-corp"; } # Cross-Origin-Opener-Policy map $sent_http_content_type $coop_policy { - ~*text/(css|html|javascript)|application\/pdf|xml "same-origin"; + ~*text/(html|javascript)|application/pdf|xml "same-origin"; } # Cross-Origin-Resource-Policy map $sent_http_content_type $corp_policy { - ~*text/(css|html|javascript)|application\/pdf|xml "same-origin"; + ~*text/(html|javascript)|application/pdf|xml "same-origin"; } # Add Access-Control-Allow-Origin. diff --git a/test/vhosts/server.localhost.conf b/test/vhosts/server.localhost.conf index c862061..b566518 100644 --- a/test/vhosts/server.localhost.conf +++ b/test/vhosts/server.localhost.conf @@ -20,6 +20,8 @@ server { gzip_min_length 1; include h5bp/security/content-security-policy.conf; + include h5bp/security/permissions-policy.conf; + include h5bp/security/cross-origin-policy.conf; include h5bp/location/web_performance_filename-based_cache_busting.conf; include h5bp/location/web_performance_svgz-compression.conf; include h5bp/errors/custom_errors.conf;