diff options
author | Johannes Löthberg <johannes@kyriasis.com> | 2019-03-21 20:13:15 +0100 |
---|---|---|
committer | Johannes Löthberg <johannes@kyriasis.com> | 2019-03-21 20:13:15 +0100 |
commit | 157eaf65e9dcc72c45b86e586ad32bbb1ae825c1 (patch) | |
tree | 182662356f70e2ccf906ebd162fb28068cc9cad6 | |
parent | 645f43889c0b3ade145506d84f7a330e10e2349e (diff) | |
download | pillar-157eaf65e9dcc72c45b86e586ad32bbb1ae825c1.tar.xz |
nginx: Fix CORS quoting
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
-rw-r--r-- | nginx/kyriasis_com.sls | 6 | ||||
-rw-r--r-- | nginx/matrix_kyriasis_com.sls | 6 |
2 files changed, 6 insertions, 6 deletions
diff --git a/nginx/kyriasis_com.sls b/nginx/kyriasis_com.sls index bc1a749..099c9ea 100644 --- a/nginx/kyriasis_com.sls +++ b/nginx/kyriasis_com.sls @@ -32,7 +32,7 @@ nginx: - ssl_trusted_certificate: /etc/letsencrypt/live/kyriasis.com/fullchain.pem # https://developer.mozilla.org/en-US/docs/Security/HTTP_Strict_Transport_Security - - add_header: 'Strict-Transport-Security "max-age=31536000"' + - add_header: 'Strict-Transport-Security "max-age=31536000"' # Tell browsers not to render the page inside a frame, and avoid clickjacking. - add_header: X-Frame-Options SAMEORIGIN @@ -47,8 +47,8 @@ nginx: # http://www.gnuterrypratchett.com/ - add_header: 'X-Clacks-Overhead "GNU Terry Pratchett"' - - add_header: 'Access-Control-Allow-Origin' '*' - - add_header: 'Access-Control-Allow-Methods' 'GET, PUT, POST, DELETE, HEAD, OPTIONS' + - add_header: "'Access-Control-Allow-Origin' '*'" + - add_header: "'Access-Control-Allow-Methods' 'GET, PUT, POST, DELETE, HEAD, OPTIONS'" - client_max_body_size: 128m diff --git a/nginx/matrix_kyriasis_com.sls b/nginx/matrix_kyriasis_com.sls index 3883cec..b98ba69 100644 --- a/nginx/matrix_kyriasis_com.sls +++ b/nginx/matrix_kyriasis_com.sls @@ -39,7 +39,7 @@ nginx: - ssl_trusted_certificate: /etc/letsencrypt/live/matrix.kyriasis.com/fullchain.pem # https://developer.mozilla.org/en-US/docs/Security/HTTP_Strict_Transport_Security - - add_header: 'Strict-Transport-Security "max-age=31536000"' + - add_header: 'Strict-Transport-Security "max-age=31536000"' # Tell browsers to not try to auto-detect the Content-Type. - add_header: X-Content-Type-Options nosniff @@ -51,8 +51,8 @@ nginx: # http://www.gnuterrypratchett.com/ - add_header: 'X-Clacks-Overhead "GNU Terry Pratchett"' - - add_header: 'Access-Control-Allow-Origin' '*' - - add_header: 'Access-Control-Allow-Methods' 'GET, PUT, POST, DELETE, HEAD, OPTIONS' + - add_header: "'Access-Control-Allow-Origin' '*'" + - add_header: "'Access-Control-Allow-Methods' 'GET, PUT, POST, DELETE, HEAD, OPTIONS'" - client_max_body_size: 128m |