diff --git a/nginx.conf b/nginx.conf index 8ca5fe56..4ab3b219 100644 --- a/nginx.conf +++ b/nginx.conf @@ -270,25 +270,30 @@ http { # 5. rewrite 'integrity="' to 'nointegrity=' to disable script integrity checking sub_filter 'integrity="' 'nointegrity="'; + # 6. disable meta tag's Content-Security-Policy + sub_filter 'http-equiv="Content-Security-Policy"' 'http-equiv="No-U-Content-Security-Policy"'; + # do the same thing but instead of ", do ' - # # 1. + # 1. sub_filter "<script src='//" "<script $processed_flag_attribute src='/main/js_/$relativescheme://"; sub_filter "<script type='text/javascript' src='//" "<script type='text/javascript' $processed_flag_attribute src='/main/js_/$relativescheme://"; sub_filter "src='//" "$processed_flag_attribute src='/main/$relativescheme://"; - # # 2. + # 2. sub_filter "<script src='/" "<script $processed_flag_attribute src='/main/js_/$dest_hostwithscheme/"; sub_filter "<script type='text/javascript' src='/" "<script type='text/javascript' $processed_flag_attribute src='/main/js_/$dest_hostwithscheme/"; sub_filter "src='/" "$processed_flag_attribute src='/main/$dest_hostwithscheme/"; - # # 3. + # 3. sub_filter "<script src='https://" "<script $processed_flag_attribute src='/main/js_/https://"; sub_filter "<script type='text/javascript' src='https://" "<script type='text/javascript' $processed_flag_attribute src='/main/js_/https://"; sub_filter "src='https://" "$processed_flag_attribute src='/main/https://"; - # # 4. + # 4. sub_filter "<script src='http://" "<script $processed_flag_attribute src='/main/js_/http://"; sub_filter "<script type='text/javascript' src='http://" "<script type='text/javascript' $processed_flag_attribute src='/main/js_/http://"; sub_filter "src='http://" "$processed_flag_attribute src='/main/http://"; - # # 5. + # 5. sub_filter "integrity='" "nointegrity='"; + # 6. disable meta tag's Content-Security-Policy + sub_filter "http-equiv='Content-Security-Policy'" "http-equiv='No-U-Content-Security-Policy'"; # insert wombat.js and wombat-handler.js scripts