kotovalexarian-likes-github/puma--puma
1
0
Fork 0
mirror of https://github.com/puma/puma.git synced 2022-11-09 13:48:40 -05:00
Code Releases Activity

Use $host instead of $http_host in nginx config (#2403)

Browse source 
`$http_host` is vulnerable to host spoofing. Use `$host` instead. See
f5a54ad161/docs/en/plugins/hostspoofing.md
This commit is contained in:
Shouichi Kamiya 2020-10-02 22:10:10 +09:00 committed by GitHub
parent bb61c7b151
commit 57cb7bd23e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
docs/nginx.md
View file

@ -31,7 +31,7 @@ server {
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header Host $host;
# If the file exists as a static file serve it directly without
# running all the other rewrite tests on it