From 5b2ede6c4636f11c5831c0e434f7cd0863d7b7cf Mon Sep 17 00:00:00 2001 From: erik Date: Wed, 16 Nov 2022 12:00:02 +0100 Subject: [PATCH] Remove deprecated header --- src/main/resources/website/nginx-configmap.yaml | 3 +-- src/test/cljc/dda/c4k_website/website_test.cljc | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/src/main/resources/website/nginx-configmap.yaml b/src/main/resources/website/nginx-configmap.yaml index 900a334..f64668b 100644 --- a/src/main/resources/website/nginx-configmap.yaml +++ b/src/main/resources/website/nginx-configmap.yaml @@ -83,8 +83,7 @@ data: listen 80 default_server; listen [::]:80 default_server; server_name FQDN - add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload'; - add_header X-XSS-Protection "1; mode=block"; + add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload'; add_header X-Frame-Options "SAMEORIGIN"; add_header X-Content-Type-Options nosniff; add_header Referrer-Policy "strict-origin"; diff --git a/src/test/cljc/dda/c4k_website/website_test.cljc b/src/test/cljc/dda/c4k_website/website_test.cljc index 69007d4..c58ebc7 100644 --- a/src/test/cljc/dda/c4k_website/website_test.cljc +++ b/src/test/cljc/dda/c4k_website/website_test.cljc @@ -43,7 +43,7 @@ :branchname "main"}]})))) (deftest should-generate-nginx-configmap-website - (is (= "server {\n listen 80 default_server;\n listen [::]:80 default_server;\n server_name test.de www.test.de test-it.de www.test-it.de;\n add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';\n add_header X-XSS-Protection \"1; mode=block\";\n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-Content-Type-Options nosniff;\n add_header Referrer-Policy \"strict-origin\";\n # add_header Permissions-Policy \"permissions here\";\n root /var/www/html/website/;\n index index.html;\n location / {\n try_files $uri $uri/ /index.html =404;\n }\n}\n" + (is (= "server {\n listen 80 default_server;\n listen [::]:80 default_server;\n server_name test.de www.test.de test-it.de www.test-it.de;\n add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload'; \n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-Content-Type-Options nosniff;\n add_header Referrer-Policy \"strict-origin\";\n # add_header Permissions-Policy \"permissions here\";\n root /var/www/html/website/;\n index index.html;\n location / {\n try_files $uri $uri/ /index.html =404;\n }\n}\n" (:website.conf (:data (cut/generate-nginx-configmap {:unique-name "test.io", :gitea-host "gitea.evilorg", :gitea-repo "none",