source: trunk/server/fedora/config/etc/httpd/conf.d/scripts-vhost.conf @ 2711

Last change on this file since 2711 was 2650, checked in by andersk, 10 years ago
Disable Service Workers on scripts/~ URLs
File size: 1.2 KB
Line 
1DocumentRoot /afs/athena.mit.edu/contrib/scripts/web_scripts/home
2SuExecUserGroup scripts users
3UserDir enabled
4UserDir web_scripts
5# Comment the following line out to take the machine out of the LVS pool
6# You'll also need to prevent it from listening on 443 or 444
7Alias /heartbeat /afs/athena.mit.edu/contrib/scripts/web_scripts/heartbeat
8Alias /src /afs/athena.mit.edu/contrib/scripts/src
9Redirect /sql https://scripts.mit.edu/~sql
10
11<IfModule mod_status.c>
12    <Location "/server-status">
13        AuthType Basic
14        AuthName "scripts status"
15        AuthBasicProvider file
16        AuthUserFile /etc/munin/apache-htpasswd
17        Require valid-user
18        SetHandler server-status
19        PermitStatusHandler on
20    </Location>
21</IfModule>
22
23<Location ~ "/(robots\.txt|favicon\.ico)">
24    RewriteEngine On
25    RewriteBase /~scripts
26    RewriteCond %{REQUEST_FILENAME} !-f
27    RewriteRule .*(favicon\.ico) $1 [L,NS]
28    RewriteCond %{REQUEST_FILENAME} !-f
29    RewriteRule .*(robots\.txt) $1 [L,NS]
30</Location>
31
32# As long as we support scripts/~ URLs, we need to disable Service
33# Workers on them for security.
34# https://infrequently.org/2014/12/psa-service-workers-are-coming/
35<If "-n req('Service-Worker')">
36    Require all denied
37</If>
Note: See TracBrowser for help on using the repository browser.