Hi! Before anything, thanks for yet another awesome OpenBSD release! I’ll extend my gratitude into the pockets of the Foundation and finally donate this time.
Then: I’m a relayd virgin. Consider all the following a lab exercise, I want to learn and understand more. My target: Understanding how to score an A+ on the htbridge web server security test. https://www.htbridge.com/websec/?id=BT1UmswV First objective: Set HTTP headers, such as CONTENT-SECURITY-POLICY X-CONTENT-TYPE-OPTIONS X-XSS-PROTECTION using relayd (since httpd can’t help out here). Assumptions etc: - I suppose only https traffic is in scope, since all http traffic is redirected to https. - Both httpd and relayd are (will be) run on the same 6.2 machine. - httpd runs just fine and scores an A+ on the htbridge TLS Server Test more or less out of the box. The web server test, however, was a disappointing F. :-) I’m only a mortal, so simply reading the relayd.conf man page and do some trial-and-error has so far only made me go all CAPS. I seek examples (of something similar to the above use-case), a guide, turorial, or even a how-to to make this happen. I can learn all the config options and settings afterwards, and keep tweaking and understanding. Anyone? Humbly, Andreas