diff options
| author | lassulus <lassulus@lassul.us> | 2019-10-10 14:48:45 +0200 |
|---|---|---|
| committer | lassulus <lassulus@lassul.us> | 2019-10-10 14:48:45 +0200 |
| commit | c8e29c89bc2d5fa254aeb0a98207c4fa47b5aa3c (patch) | |
| tree | d99d0f4152a1031273daec6a69c944fff775cde5 | |
| parent | 7fb3248a6c9213f9e93a10e9fbefa6375eff161e (diff) | |
bepasty-server: fix proxied host header spoofing
| -rw-r--r-- | krebs/3modules/bepasty-server.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/krebs/3modules/bepasty-server.nix b/krebs/3modules/bepasty-server.nix index 94a50952..4892a872 100644 --- a/krebs/3modules/bepasty-server.nix +++ b/krebs/3modules/bepasty-server.nix @@ -164,7 +164,7 @@ let client_max_body_size 32M; ''; locations = { - "/".extraConfig = "proxy_set_header Host $http_host;"; + "/".extraConfig = "proxy_set_header Host $host;"; "/".proxyPass = "http://unix:${server.workDir}/gunicorn-${name}.sock"; "/static/".extraConfig = '' alias ${bepasty}/lib/${python.libPrefix}/site-packages/bepasty/static/; |