Commit 563fec734912d81cd7caea6fa8ec2b397fb72a9b
1 parent
1eec1f4f
Exists in
spb-stable
and in
3 other branches
Disable compression to prevent BREACH attack
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Showing
1 changed file
with
3 additions
and
0 deletions
Show diff stats
lib/support/nginx/gitlab
| @@ -42,6 +42,9 @@ server { | @@ -42,6 +42,9 @@ server { | ||
| 42 | # if a file, which is not found in the root folder is requested, | 42 | # if a file, which is not found in the root folder is requested, |
| 43 | # then the proxy pass the request to the upsteam (gitlab unicorn) | 43 | # then the proxy pass the request to the upsteam (gitlab unicorn) |
| 44 | location @gitlab { | 44 | location @gitlab { |
| 45 | + # We need this to prevent BREACH attack | ||
| 46 | + gzip off; | ||
| 47 | + | ||
| 45 | proxy_read_timeout 300; # Some requests take more than 30 seconds. | 48 | proxy_read_timeout 300; # Some requests take more than 30 seconds. |
| 46 | proxy_connect_timeout 300; # Some requests take more than 30 seconds. | 49 | proxy_connect_timeout 300; # Some requests take more than 30 seconds. |
| 47 | proxy_redirect off; | 50 | proxy_redirect off; |