diff --git a/.examples/docker-compose/insecure/mariadb/fpm/web/nginx.conf b/.examples/docker-compose/insecure/mariadb/fpm/web/nginx.conf index 0d67b8b0e..7fd0ea8c8 100644 --- a/.examples/docker-compose/insecure/mariadb/fpm/web/nginx.conf +++ b/.examples/docker-compose/insecure/mariadb/fpm/web/nginx.conf @@ -14,6 +14,8 @@ http { default_type application/octet-stream; types { text/javascript mjs; + application/wasm wasm; + } } log_format main '$remote_addr - $remote_user [$time_local] "$request" ' @@ -83,7 +85,6 @@ http { add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Robots-Tag "noindex, nofollow" always; - add_header X-XSS-Protection "1; mode=block" always; # Remove X-Powered-By, which is an information leak fastcgi_hide_header X-Powered-By; @@ -162,7 +163,7 @@ http { fastcgi_pass php-handler; fastcgi_intercept_errors on; - fastcgi_request_buffering off; + fastcgi_request_buffering on; # Required as PHP-FPM does not support chunked transfer encoding and requires a valid ContentLength header. fastcgi_max_temp_file_size 0; } @@ -176,12 +177,7 @@ http { add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Robots-Tag "noindex, nofollow" always; - add_header X-XSS-Protection "1; mode=block" always; access_log off; # Optional: Don't log access to assets - - location ~ \.wasm$ { - default_type application/wasm; - } } location ~ \.(otf|woff2?)$ { diff --git a/.examples/docker-compose/insecure/postgres/fpm/web/nginx.conf b/.examples/docker-compose/insecure/postgres/fpm/web/nginx.conf index 0d67b8b0e..7fd0ea8c8 100644 --- a/.examples/docker-compose/insecure/postgres/fpm/web/nginx.conf +++ b/.examples/docker-compose/insecure/postgres/fpm/web/nginx.conf @@ -14,6 +14,8 @@ http { default_type application/octet-stream; types { text/javascript mjs; + application/wasm wasm; + } } log_format main '$remote_addr - $remote_user [$time_local] "$request" ' @@ -83,7 +85,6 @@ http { add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Robots-Tag "noindex, nofollow" always; - add_header X-XSS-Protection "1; mode=block" always; # Remove X-Powered-By, which is an information leak fastcgi_hide_header X-Powered-By; @@ -162,7 +163,7 @@ http { fastcgi_pass php-handler; fastcgi_intercept_errors on; - fastcgi_request_buffering off; + fastcgi_request_buffering on; # Required as PHP-FPM does not support chunked transfer encoding and requires a valid ContentLength header. fastcgi_max_temp_file_size 0; } @@ -176,12 +177,7 @@ http { add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Robots-Tag "noindex, nofollow" always; - add_header X-XSS-Protection "1; mode=block" always; access_log off; # Optional: Don't log access to assets - - location ~ \.wasm$ { - default_type application/wasm; - } } location ~ \.(otf|woff2?)$ { diff --git a/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/web/nginx.conf b/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/web/nginx.conf index f3f90640e..4c4cd7350 100644 --- a/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/web/nginx.conf +++ b/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/web/nginx.conf @@ -14,6 +14,8 @@ http { default_type application/octet-stream; types { text/javascript mjs; + application/wasm wasm; + } } log_format main '$remote_addr - $remote_user [$time_local] "$request" ' @@ -83,7 +85,6 @@ http { add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Robots-Tag "noindex, nofollow" always; - add_header X-XSS-Protection "1; mode=block" always; # Remove X-Powered-By, which is an information leak fastcgi_hide_header X-Powered-By; @@ -162,7 +163,7 @@ http { fastcgi_pass php-handler; fastcgi_intercept_errors on; - fastcgi_request_buffering off; + fastcgi_request_buffering on; # Required as PHP-FPM does not support chunked transfer encoding and requires a valid ContentLength header. fastcgi_max_temp_file_size 0; } @@ -176,12 +177,7 @@ http { add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Robots-Tag "noindex, nofollow" always; - add_header X-XSS-Protection "1; mode=block" always; access_log off; # Optional: Don't log access to assets - - location ~ \.wasm$ { - default_type application/wasm; - } } location ~ \.(otf|woff2?)$ { diff --git a/.examples/docker-compose/with-nginx-proxy/postgres/fpm/web/nginx.conf b/.examples/docker-compose/with-nginx-proxy/postgres/fpm/web/nginx.conf index f3f90640e..4c4cd7350 100644 --- a/.examples/docker-compose/with-nginx-proxy/postgres/fpm/web/nginx.conf +++ b/.examples/docker-compose/with-nginx-proxy/postgres/fpm/web/nginx.conf @@ -14,6 +14,8 @@ http { default_type application/octet-stream; types { text/javascript mjs; + application/wasm wasm; + } } log_format main '$remote_addr - $remote_user [$time_local] "$request" ' @@ -83,7 +85,6 @@ http { add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Robots-Tag "noindex, nofollow" always; - add_header X-XSS-Protection "1; mode=block" always; # Remove X-Powered-By, which is an information leak fastcgi_hide_header X-Powered-By; @@ -162,7 +163,7 @@ http { fastcgi_pass php-handler; fastcgi_intercept_errors on; - fastcgi_request_buffering off; + fastcgi_request_buffering on; # Required as PHP-FPM does not support chunked transfer encoding and requires a valid ContentLength header. fastcgi_max_temp_file_size 0; } @@ -176,12 +177,7 @@ http { add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Robots-Tag "noindex, nofollow" always; - add_header X-XSS-Protection "1; mode=block" always; access_log off; # Optional: Don't log access to assets - - location ~ \.wasm$ { - default_type application/wasm; - } } location ~ \.(otf|woff2?)$ {