From 9074a7bce264d64f467bc628f06e37a5802043bd Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 17 Oct 2013 23:09:49 +0200 Subject: "Header set X-Frame-Options: Allow" only for nagios (Bug #4169) Nagios won't work with setting this option to "DENY", as set in conf.d/security (#4169). Therefor we allow it here, only for nagios. --- puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb b/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb index 6059453b..afc19782 100644 --- a/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb +++ b/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb @@ -18,7 +18,7 @@ SSLCACertificatePath /etc/ssl/certs SSLCertificateChainFile <%= scope.lookupvar('x509::variables::local_CAs') %>/<%= scope.lookupvar('site_config::params::commercial_ca_name') %>.crt SSLCertificateKeyFile <%= scope.lookupvar('x509::variables::keys') %>/<%= scope.lookupvar('site_config::params::commercial_cert_name') %>.key - SSLCertificateFile <%= scope.lookupvar('x509::variables::certs') %>/<%= scope.lookupvar('site_config::params::commercial_cert_name') %>.crt + SSLCertificateFile <%= scope.lookupvar('x509::variables::certs') %>/<%= scope.lookupvar('site_config::params::commercial_cert_name') %>.crt RequestHeader set X_FORWARDED_PROTO 'https' @@ -49,6 +49,10 @@ PassengerEnabled off AllowOverride all + # Nagios won't work with setting this option to "DENY", + # as set in conf.d/security (#4169). Therefor we allow + # it here, only for nagios. + Header set X-Frame-Options: "ALLOW" <% end -%> -- cgit v1.2.3