diff options
author | lassulus <lassulus@lassul.us> | 2019-10-10 14:48:45 +0200 |
---|---|---|
committer | lassulus <lassulus@lassul.us> | 2019-10-10 14:48:45 +0200 |
commit | c8e29c89bc2d5fa254aeb0a98207c4fa47b5aa3c (patch) | |
tree | d99d0f4152a1031273daec6a69c944fff775cde5 | |
parent | 7fb3248a6c9213f9e93a10e9fbefa6375eff161e (diff) |
bepasty-server: fix proxied host header spoofing
-rw-r--r-- | krebs/3modules/bepasty-server.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/krebs/3modules/bepasty-server.nix b/krebs/3modules/bepasty-server.nix index 94a509520..4892a8723 100644 --- a/krebs/3modules/bepasty-server.nix +++ b/krebs/3modules/bepasty-server.nix @@ -164,7 +164,7 @@ let client_max_body_size 32M; ''; locations = { - "/".extraConfig = "proxy_set_header Host $http_host;"; + "/".extraConfig = "proxy_set_header Host $host;"; "/".proxyPass = "http://unix:${server.workDir}/gunicorn-${name}.sock"; "/static/".extraConfig = '' alias ${bepasty}/lib/${python.libPrefix}/site-packages/bepasty/static/; |