Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add the CSP headers if they are set as an env variable at startup #15

Merged
merged 4 commits into from
Nov 6, 2023
Merged

Add the CSP headers if they are set as an env variable at startup #15

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
8da42fd
Add the CSP headers if they are set as an env variable at startup
danakim Nov 2, 2023
3dd2e1e
Let's use Apache2's built-in features to set the CSP policy header
danakim Nov 3, 2023
2a7a57e
We need the SSL module enabled as well
danakim Nov 3, 2023
aa5cf3d
Making sure the default vhost also logs to stdout
danakim Nov 3, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions apache2/bin/start.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,5 +45,10 @@ for dir in \
chmod 1777 "$dir";
done

# Add the CSP policy header if it has been set in the environment
if [[ -v HTTPD_CSP ]]; then
echo "Header always set Content-Security-Policy \"${HTTPD_CSP}\"" >> /etc/apache2/security.conf
fi

danakim marked this conversation as resolved.
Show resolved Hide resolved
# Start Apache2
apache2 -D FOREGROUND
1 change: 0 additions & 1 deletion apache2/conf/security.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,4 +74,3 @@ RequestHeader unset Proxy early
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet