http protocol "https_reverse_proxy" {
    [...]

    # CSPs to help reduce the risk of Cross-Site Scripting
    # https://content-security-policy.com/

    # Hosts that require custom CSPs
    match request header "Host" value "myapp1.com" tag "myapp1"
    match request header "Host" value "myapp2.com" tag "myapp2"
    match request header "Host" value "myapp3.com" tag "myapp3"

    # Myapp1
    # Feature request: match header set "Content-Security-Policy" value "default-src 'self'; ..." tagged "myapp1"
    pass response quick tagged "myapp1" header set "Content-Security-Policy" value "default-src 'self'; ..."

    # Myapp2
    # Feature request: match header set "Content-Security-Policy" value "default-src 'self'; ..." tagged "myapp2"
    pass response quick tagged "myapp2" header set "Content-Security-Policy" value "default-src 'self'; ..."
    # What is going on here???
    pass quick tagged "myapp2" forward to <myapp2>

    # Myapp3
    # Feature request: match header set "Content-Security-Policy" value "default-src 'self'; ..." tagged "myapp3"
    pass response quick tagged "myapp3" header set "Content-Security-Policy" value "default-src 'self'; ..."
    pass quick tagged "myapp3" forward to <myapp3>

    # Everyone else
    match response header set "Content-Security-Policy" value "default-src 'self';"
}
Last active
June 21, 2020 13:14