Commit Graph

124 Commits

Author SHA1 Message Date
Daniel Micay
6d1669c3c2 pass through synapse CSP alongside static one 2021-06-29 06:05:12 -04:00
June
86772f7fea Add GitHub workflow for linting nginx.conf and security-headers.conf
Signed-off-by: June <zanthed@riseup.net>
2021-06-26 02:01:27 -04:00
Daniel Micay
384f37a9f4 add font-src to CSP 2021-06-22 23:51:37 -04:00
Daniel Micay
1cf2da16c9 cleaner nginx status monitoring configuration 2021-06-22 23:43:32 -04:00
Daniel Micay
d4e4cca682 set security headers on error responses too 2021-06-18 20:22:34 -04:00
Daniel Micay
444ad1a982 set up COEP and CORP headers 2021-06-18 20:20:50 -04:00
Daniel Micay
87d3dff258 more initial CSP working around Element flaws 2021-06-18 17:35:06 -04:00
Daniel Micay
ee984f0c7f use dark theme by default for Element 2021-06-18 05:44:40 -04:00
Daniel Micay
2f99bfd78d set up Element configuration for grapheneos.org 2021-06-18 05:38:52 -04:00
Daniel Micay
1ab0ee864c add Element configuration 2021-06-18 05:37:41 -04:00
Daniel Micay
1cbd223eee mark obsolete X-Frame-Options header as such 2021-06-18 05:34:44 -04:00
Daniel Micay
e5da30c9a6 set same-origin COOP header 2021-06-18 05:27:08 -04:00
Daniel Micay
7abbe44836 reorder server blocks 2021-06-18 05:22:16 -04:00
Daniel Micay
7743e8ebf6 add explicit support for element http redirect 2021-06-18 05:20:47 -04:00
Daniel Micay
e32083f8cf remove unnecessary escaping 2021-06-18 05:17:13 -04:00
Daniel Micay
60dd91024d no need for case insensitive API path matching 2021-06-18 05:16:14 -04:00
Daniel Micay
391d7ef680 explicitly block mixed content 2021-06-18 05:08:04 -04:00
Daniel Micay
144698a02f set up basic frame security headers 2021-06-18 05:05:39 -04:00
Daniel Micay
f9a50f988a add obsolete X-XSS-Protection header 2021-06-18 04:38:26 -04:00
Daniel Micay
af4c95f166 mark Expect-CT as partially obsolete 2021-06-18 04:38:02 -04:00
Daniel Micay
c473761dfb avoid having element instance indexed 2021-06-18 04:17:51 -04:00
Daniel Micay
b7952c7ce0 add element.grapheneos.org domain 2021-06-18 00:55:51 -04:00
Daniel Micay
3d99bfadd3 raise proxy_read_timeout for synapse 2021-06-07 14:46:25 -04:00
Daniel Micay
b5b55be1a6 add nginx configuration 2021-05-24 14:32:54 -04:00