proposed nginx configuration to enable XLSX export without disabling print from other apps

pull/1/head
ansuz 4 years ago
parent a87d0f2943
commit a8f53d04fc

@ -57,11 +57,6 @@ server {
add_header Access-Control-Allow-Origin "*"; add_header Access-Control-Allow-Origin "*";
# add_header X-Frame-Options "SAMEORIGIN"; # add_header X-Frame-Options "SAMEORIGIN";
# Enable SharedArrayBuffer in Firefox (for .xlsx export)
add_header Cross-Origin-Resource-Policy cross-origin;
add_header Cross-Origin-Opener-Policy same-origin;
add_header Cross-Origin-Embedder-Policy require-corp;
# Insert the path to your CryptPad repository root here # Insert the path to your CryptPad repository root here
root /home/cryptpad/cryptpad; root /home/cryptpad/cryptpad;
index index.html; index index.html;
@ -113,6 +108,14 @@ server {
if ($uri = "/sheet/inner.html") { set $unsafe 1; } if ($uri = "/sheet/inner.html") { set $unsafe 1; }
if ($uri ~ ^\/common\/onlyoffice\/.*\/index\.html.*$) { set $unsafe 1; } if ($uri ~ ^\/common\/onlyoffice\/.*\/index\.html.*$) { set $unsafe 1; }
set $coop '';
if ($uri ~ ^\/sheet\/.*$) { set $coop 'same-origin'; }
# Enable SharedArrayBuffer in Firefox (for .xlsx export)
add_header Cross-Origin-Resource-Policy cross-origin;
add_header Cross-Origin-Opener-Policy $coop;
add_header Cross-Origin-Embedder-Policy require-corp;
# everything except the sandbox domain is a privileged scope, as they might be used to handle keys # everything except the sandbox domain is a privileged scope, as they might be used to handle keys
if ($host != $sandbox_domain) { set $unsafe 0; } if ($host != $sandbox_domain) { set $unsafe 0; }

Loading…
Cancel
Save