diff options
| -rw-r--r-- | etc/nginx/conf.d/talerssl | 2 | ||||
| -rw-r--r-- | etc/nginx/sites-enabled/www-stage.site | 17 |
2 files changed, 13 insertions, 6 deletions
diff --git a/etc/nginx/conf.d/talerssl b/etc/nginx/conf.d/talerssl index e5d5411..3aa9a47 100644 --- a/etc/nginx/conf.d/talerssl +++ b/etc/nginx/conf.d/talerssl @@ -10,5 +10,5 @@ add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; prelo add_header X-XSS-Protection "1; mode=block"; add_header X-Frame-Options "SAMEORIGIN"; add_header X-Content-Type-Options "nosniff"; -add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' wss://buildbot.taler.net"; +add_header Content-Security-Policy "default-src 'self'; img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' wss://buildbot.taler.net"; add_header Referrer-Policy "same-origin"; diff --git a/etc/nginx/sites-enabled/www-stage.site b/etc/nginx/sites-enabled/www-stage.site index 555e60d..e8a988b 100644 --- a/etc/nginx/sites-enabled/www-stage.site +++ b/etc/nginx/sites-enabled/www-stage.site @@ -48,17 +48,17 @@ server { gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript; - location ~* \.(png|jpg|jpeg|gif|ico|svg|js|css)$ { - root /home/docbuilder/stage.taler.net; - expires 1y; - } - # Note: this will go to /var/www/(videos|releases), which we took out of Git location /videos { root /var/www; expires max; } + location ~* /videos/.*\.(png|jpg|ogv|webm|gif|svg)$ { + root /var/www; + expires max; + } + # FIXME: this location newest files are from Oct'16 location /releases { root /var/www; @@ -68,4 +68,11 @@ server { location /files { root /var/www; } + + location ~* \.(png|jpg|jpeg|gif|ico|svg|js|css)$ { + root /home/docbuilder/stage.taler.net; + expires 1y; + } + + } |