mirror of
https://github.com/thib8956/nginx-proxy
synced 2024-11-22 03:46:29 +00:00
Merge pull request #1111 from kamermans/bugfix/cant-disable-hsts-noredirect
Fixed #1080, can't disable HSTS with noredirect
This commit is contained in:
commit
7dd97d4bc3
@ -19,7 +19,7 @@
|
|||||||
server 127.0.0.1 down;
|
server 127.0.0.1 down;
|
||||||
{{ end }}
|
{{ end }}
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
||||||
# If we receive X-Forwarded-Proto, pass it through; otherwise, pass along the
|
# If we receive X-Forwarded-Proto, pass it through; otherwise, pass along the
|
||||||
@ -262,7 +262,7 @@ server {
|
|||||||
ssl_trusted_certificate {{ printf "/etc/nginx/certs/%s.chain.pem" $cert }};
|
ssl_trusted_certificate {{ printf "/etc/nginx/certs/%s.chain.pem" $cert }};
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
||||||
{{ if (and (ne $https_method "noredirect") (ne $hsts "off")) }}
|
{{ if (not (or (eq $https_method "noredirect") (eq $hsts "off"))) }}
|
||||||
add_header Strict-Transport-Security "{{ trim $hsts }}" always;
|
add_header Strict-Transport-Security "{{ trim $hsts }}" always;
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
||||||
|
@ -24,3 +24,10 @@ def test_web3_HSTS_custom(docker_compose, nginxproxy):
|
|||||||
assert "answer from port 81\n" in r.text
|
assert "answer from port 81\n" in r.text
|
||||||
assert "Strict-Transport-Security" in r.headers
|
assert "Strict-Transport-Security" in r.headers
|
||||||
assert "max-age=86400; includeSubDomains; preload" == r.headers["Strict-Transport-Security"]
|
assert "max-age=86400; includeSubDomains; preload" == r.headers["Strict-Transport-Security"]
|
||||||
|
|
||||||
|
# Regression test for issue 1080
|
||||||
|
# https://github.com/jwilder/nginx-proxy/issues/1080
|
||||||
|
def test_web4_HSTS_off_noredirect(docker_compose, nginxproxy):
|
||||||
|
r = nginxproxy.get("https://web4.nginx-proxy.tld/port", allow_redirects=False)
|
||||||
|
assert "answer from port 81\n" in r.text
|
||||||
|
assert "Strict-Transport-Security" not in r.headers
|
||||||
|
@ -24,6 +24,16 @@ web3:
|
|||||||
VIRTUAL_HOST: "web3.nginx-proxy.tld"
|
VIRTUAL_HOST: "web3.nginx-proxy.tld"
|
||||||
HSTS: "max-age=86400; includeSubDomains; preload"
|
HSTS: "max-age=86400; includeSubDomains; preload"
|
||||||
|
|
||||||
|
web4:
|
||||||
|
image: web
|
||||||
|
expose:
|
||||||
|
- "81"
|
||||||
|
environment:
|
||||||
|
WEB_PORTS: "81"
|
||||||
|
VIRTUAL_HOST: "web4.nginx-proxy.tld"
|
||||||
|
HSTS: "off"
|
||||||
|
HTTPS_METHOD: "noredirect"
|
||||||
|
|
||||||
sut:
|
sut:
|
||||||
image: jwilder/nginx-proxy:test
|
image: jwilder/nginx-proxy:test
|
||||||
volumes:
|
volumes:
|
||||||
|
Loading…
Reference in New Issue
Block a user