Re: Подменить Status code

Доброго времени суток, господа. Только мне кажется, что человек неадекватен или тупо издевается? 23.09.2016 07:16, jtiq пишет: > а где у вас хранится длина всего видео в байтах? 22.09.2016 22:58, jtiq пишет: > а где у вас хранится длина всего видео в байтах? 22.09.2016 21:20, jtiq пишет: > а

Re: Подменить Status code

а где у вас хранится длина всего видео в байтах? Posted at Nginx Forum: https://forum.nginx.org/read.php?21,269693,269781#msg-269781 ___ nginx-ru mailing list nginx-ru@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-ru

Re: Nginx не отвечает на запросы

Hello! On Wed, Sep 21, 2016 at 03:41:35AM -0400, Mikanoshi wrote: > Maxim Dounin Wrote: > --- > > Всмысле - как и ранее, после ручного массажирования зависшего > > процесса? > > > > Попробуйте ещё выключить reset_timedout_connections,

Re: (Semi-OT) Clickjacking countermeasure

I serve no ads. I even pulled my piwik so that my sites can be surfed no script.  Can you clickjack an encrypted page? How would the browser handle two certs?   Original Message   From: c0nw0nk Sent: Thursday, September 22, 2016 1:57 PM To: nginx@nginx.org Reply To: nginx@nginx.org Subject:

Re: (Semi-OT) Clickjacking countermeasure

If you read the OWASP page it will also mention about header stripping etc and proxies that will remove the X-Frames headers there is no real way to stop proxies framing your site but the X-Frame-Options combined with that JavaScript is a good way to start it will stop the majority. Also break

Re: (Semi-OT) Clickjacking countermeasure

I saw that, but I took the path of least resistance. The method I mentioned was sufficient  to pass the tinfoilsecurity.com test. To tinfoils's credit, they provided three references on Clickjacking, one of which is the website you suggested.   Original Message   From: c0nw0nk Sent: Thursday,

Re: nginx default unix domain socket permissions and umask

Hello! On Thu, Sep 22, 2016 at 01:12:21PM +, Manole, Sorin wrote: > Hello, > > It seems that when nginx creates unix domain sockets as a result > of the listen directive it assigns rw permissions for all users. > This is probably because the bind() call which creates the file > follows

Re: (Semi-OT) Clickjacking countermeasure

https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet Inside your tags. body{display:none !important;} if (self === top) { var antiClickjack = document.getElementById("antiClickjack"); antiClickjack.parentNode.removeChild(antiClickjack); } else {

Re: Подменить Status code

Здравствуйте, Maxim. Вы писали 22 сентября 2016 г., 22:55:54: > Я повторю рекомендацию сходить по ссылке и прочитать-таки README, > там есть пример. Стальные нервы, Максим )) -- С уважением, Dmitry nginx...@sadok.spb.ru ___

[nginx] Upstream: max_conns.

details: http://hg.nginx.org/nginx/rev/29bf0dbc0a77 branches: changeset: 6705:29bf0dbc0a77 user: Ruslan Ermilov date: Thu Sep 22 19:32:47 2016 +0300 description: Upstream: max_conns. diffstat: src/http/modules/ngx_http_upstream_hash_module.c | 9

[nginx] Upstream: removed the quick recovery mechanism.

details: http://hg.nginx.org/nginx/rev/a44ba757851d branches: changeset: 6704:a44ba757851d user: Ruslan Ermilov date: Thu Sep 22 19:32:45 2016 +0300 description: Upstream: removed the quick recovery mechanism. Its usefulness it questionable, and it interacts badly

[nginx] Upstream: introduced u->upstream.

details: http://hg.nginx.org/nginx/rev/edcd9303a4d3 branches: changeset: 6703:edcd9303a4d3 user: Maxim Dounin date: Thu Sep 22 19:32:26 2016 +0300 description: Upstream: introduced u->upstream. It holds upstream{} block configuration, including ones selected via

[nginx] Upstream: style, ngx_http_upstream_rr_peer_t.next moved.

details: http://hg.nginx.org/nginx/rev/d69964eb8335 branches: changeset: 6701:d69964eb8335 user: Maxim Dounin date: Mon Jul 25 16:23:35 2016 +0300 description: Upstream: style, ngx_http_upstream_rr_peer_t.next moved. diffstat:

[nginx] Upstream: style.

details: http://hg.nginx.org/nginx/rev/914d8a63dbad branches: changeset: 6702:914d8a63dbad user: Maxim Dounin date: Thu Sep 22 19:31:08 2016 +0300 description: Upstream: style. diffstat: src/http/modules/ngx_http_upstream_hash_module.c | 1 -

Re: Подменить Status code

а где у вас хранится длина всего видео в байтах? Posted at Nginx Forum: https://forum.nginx.org/read.php?21,269693,269766#msg-269766 ___ nginx-ru mailing list nginx-ru@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-ru

Re: Подменить Status code

Hello! On Thu, Sep 22, 2016 at 02:09:44PM -0400, jtiq wrote: [...] > > Описание модуля и примеры использования есть в README, > > http://mdounin.ru/hg/ngx_http_bytes_filter_module/file/tip/README. > > Там же описано, какой именно параметр (спойлер: bytes, но крайне > > рекомендую прочитать

(Semi-OT) Clickjacking countermeasure

I ran one of these website inspection services on my website and it was deemed to be subject to Clickjacking. This might be a false positive since I don't use frames, but the info on this link was enough to make the error go away. I chose "DENY" since I don't use frames. 

Re: Transmission remote GUI proxy_protocol broken header

On Thu, Sep 22, 2016 at 05:54:35AM -0400, adrhc wrote: Hi there, > What is the thing writing to nginx? (stunnel, I think) > stunnel according to the setup: I strongly suspect that your stunnel is not doing what you want it to do. If you "tcpdump" the traffic out of stunnel; or if you replace

Re: Подменить Status code

Maxim Dounin Wrote: --- > Hello! > > On Wed, Sep 21, 2016 at 05:22:02PM -0400, jtiq wrote: > > > Maxim Dounin Wrote: > > --- > > > Hello! > > > > > > On Wed, Sep 21, 2016 at 03:05:33PM -0400,

Re: Подменить Status code

Maxim Dounin Wrote: --- > Hello! > > On Wed, Sep 21, 2016 at 05:22:02PM -0400, jtiq wrote: > > > Maxim Dounin Wrote: > > --- > > > Hello! > > > > > > On Wed, Sep 21, 2016 at 03:05:33PM -0400,

Tar gz shenanigans in a location

Nginx readers, i have a webdav like server that serv files, and access it through nginx, it is actually a subversion repo, so the files (and directory) are listed in an ugly html page, not recursively. /directory/files1 /directory/files2 [..] I am fishing for ideas to do something like

[nginx] Perl: pass additional linker options to perl module.

details: http://hg.nginx.org/nginx/rev/0d2956dfc4e6 branches: changeset: 6700:0d2956dfc4e6 user: Konstantin Pavlov date: Tue Sep 20 22:11:23 2016 +0300 description: Perl: pass additional linker options to perl module. Previously flags passed by --with-ld-opt were

nginx default unix domain socket permissions and umask

Hello, It seems that when nginx creates unix domain sockets as a result of the listen directive it assigns rw permissions for all users. This is probably because the bind() call which creates the file follows the process umask. Nginx sets the umask to 0 which is the most relaxed setting. Is

Re: Подменить Status code

Hello! On Wed, Sep 21, 2016 at 05:22:02PM -0400, jtiq wrote: > Maxim Dounin Wrote: > --- > > Hello! > > > > On Wed, Sep 21, 2016 at 03:05:33PM -0400, jtiq wrote: > > > > > Maxim Dounin Wrote: > > >

Re: always run same script in location

I have files by myself. the part of my conf looks like location ~ ^/foo/(.*.\.pl|cgi)$ { ... } location ~ ^/foo/d/(.+?)(/.*)$ { try_files foo /foo/dl.pl; } foo is a non existent file, so always dl.pl is executed On 22.09.2016 13:13, basti wrote: > Hello, > > i have a script where i can

Are there plans for Nginx supporting HTTP/2 server push?

Is there something like a release timeline for HTTP/2 server push feature in Nginx? It would help make https connections faster and get rid of one TCP roundtrip. Posted at Nginx Forum: https://forum.nginx.org/read.php?2,269749,269749#msg-269749 ___

Re: listen proxy_protocol and rewrite redirect scheme

I'm just a bit surprised that "port_in_redirect off" does not also work. But that's ok -- I'm often surprised. There's a "if" in src/http/ngx_http_header_filter_module.c which changes port's value from 443 to 0 when on ssl + port initially 443 so https://adrhc.go.ro/ffp_0.7_armv5 would redirect to

always run same script in location

Hello, i have a script where i can upload files. the uri is like https://example.com/foo/bar.pl the location looks like location ~ ^/foo/(.*.\.pl|cgi)$ { ... } then a upload url is generatred https://example.com/foo/u/f28c104/df3d-45ce/example.txt the location for the uploaded files looks

Re: proxy cache + pseudo-streaming for mp4/flv

Hi, link to patch is not working, could you please provide the new one? Posted at Nginx Forum: https://forum.nginx.org/read.php?2,20,269746#msg-269746 ___ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx

Re: Start nginx worker process with same user as master process

Thanks a lot Francis. Apparently nginx was once started as root. So automatically the ownership of the temp folders got changed to nginx user. This explains the sudden permission change even though I had set it explictly. Thanks for your help. Cheers, Sushma Posted at Nginx Forum:

Re: Transmission remote GUI proxy_protocol broken header

Hi, here's some clarifications: What is the thing writing to nginx? (stunnel, I think) stunnel according to the setup: Transmission remote GUI:443 -> sshttp:443 -> stunnel:1443 -> nginx:127.0.0.1:443 (no ssl, with listen ... proxy_protocol, port_in_redirect on) How is it configured? [tls] accept

Re: access_log format $remote_user anonymous question

On Wed, Sep 21, 2016 at 05:28:26PM -0400, c0nw0nk wrote: Hi there, > Thanks for the information so based of what that resource says and from what > I understand surely that field should only say "anonymous" or "username" if > on those files / folders in my Nginx config I use "auth_basic" ? No.