gaja-group
/
server-configs-nginx
mirror of https://github.com/h5bp/server-configs-nginx
2
0
Fork 0
Code Issues Releases Wiki Activity

Use latest server-configs-test and align requirements

This commit is contained in:
Léo Colombaro 2021-06-29 00:43:34 +02:00
parent 25a569d97d
commit 4a40f258a2
No known key found for this signature in database
GPG Key ID: 687B480A6D4F735F
4 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/server.yml vendored
View File

@ -22,7 +22,7 @@ jobs:
- uses: actions/checkout@v2.3.4 - uses: actions/checkout@v2.3.4
- name: Test with server-configs-test - name: Test with server-configs-test
uses: h5bp/server-configs-test@4.0.2 uses: h5bp/server-configs-test@5.0.0
with: with:
command: test command: test
server: nginx server: nginx
@ -32,7 +32,7 @@ jobs:
tests: basic-file-access;caching;cache-busting;custom-errors;forbidden-files;precompressed-files-gzip;rewrites;ssl tests: basic-file-access;caching;cache-busting;custom-errors;forbidden-files;precompressed-files-gzip;rewrites;ssl
- name: Benchmark - name: Benchmark
uses: h5bp/server-configs-test@4.0.2 uses: h5bp/server-configs-test@5.0.0
with: with:
command: benchmark command: benchmark
server: nginx server: nginx

2
h5bp/location/web_performance_svgz-compression.conf
View File

@ -12,5 +12,7 @@ location ~* \.svgz$ {
include h5bp/security/x-content-type-options.conf; include h5bp/security/x-content-type-options.conf;
include h5bp/security/content-security-policy.conf; include h5bp/security/content-security-policy.conf;
include h5bp/security/referrer-policy.conf; include h5bp/security/referrer-policy.conf;
include h5bp/security/permissions-policy.conf;
include h5bp/security/cross-origin-policy.conf;
include h5bp/cross-origin/requests.conf; include h5bp/cross-origin/requests.conf;
} }

6
nginx.conf
View File

@ -124,15 +124,15 @@ http {
# h5bp/security/cross-origin-policy.conf # h5bp/security/cross-origin-policy.conf
# Cross-Origin-Embedder-Policy # Cross-Origin-Embedder-Policy
map $sent_http_content_type $coep_policy { map $sent_http_content_type $coep_policy {
~*text/(css|html|javascript)|application\/pdf|xml "require-corp"; ~*text/(html|javascript)|application/pdf|xml "require-corp";
} }
# Cross-Origin-Opener-Policy # Cross-Origin-Opener-Policy
map $sent_http_content_type $coop_policy { map $sent_http_content_type $coop_policy {
~*text/(css|html|javascript)|application\/pdf|xml "same-origin"; ~*text/(html|javascript)|application/pdf|xml "same-origin";
} }
# Cross-Origin-Resource-Policy # Cross-Origin-Resource-Policy
map $sent_http_content_type $corp_policy { map $sent_http_content_type $corp_policy {
~*text/(css|html|javascript)|application\/pdf|xml "same-origin"; ~*text/(html|javascript)|application/pdf|xml "same-origin";
} }
# Add Access-Control-Allow-Origin. # Add Access-Control-Allow-Origin.

2
test/vhosts/server.localhost.conf
View File

@ -20,6 +20,8 @@ server {
gzip_min_length 1; gzip_min_length 1;
include h5bp/security/content-security-policy.conf; include h5bp/security/content-security-policy.conf;
include h5bp/security/permissions-policy.conf;
include h5bp/security/cross-origin-policy.conf;
include h5bp/location/web_performance_filename-based_cache_busting.conf; include h5bp/location/web_performance_filename-based_cache_busting.conf;
include h5bp/location/web_performance_svgz-compression.conf; include h5bp/location/web_performance_svgz-compression.conf;
include h5bp/errors/custom_errors.conf; include h5bp/errors/custom_errors.conf;