|
|
|
@ -57,11 +57,6 @@ server {
|
|
|
|
add_header Access-Control-Allow-Origin "*";
|
|
|
|
add_header Access-Control-Allow-Origin "*";
|
|
|
|
# add_header X-Frame-Options "SAMEORIGIN";
|
|
|
|
# add_header X-Frame-Options "SAMEORIGIN";
|
|
|
|
|
|
|
|
|
|
|
|
# Enable SharedArrayBuffer in Firefox (for .xlsx export)
|
|
|
|
|
|
|
|
add_header Cross-Origin-Resource-Policy cross-origin;
|
|
|
|
|
|
|
|
add_header Cross-Origin-Opener-Policy same-origin;
|
|
|
|
|
|
|
|
add_header Cross-Origin-Embedder-Policy require-corp;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Insert the path to your CryptPad repository root here
|
|
|
|
# Insert the path to your CryptPad repository root here
|
|
|
|
root /home/cryptpad/cryptpad;
|
|
|
|
root /home/cryptpad/cryptpad;
|
|
|
|
index index.html;
|
|
|
|
index index.html;
|
|
|
|
@ -113,6 +108,14 @@ server {
|
|
|
|
if ($uri = "/sheet/inner.html") { set $unsafe 1; }
|
|
|
|
if ($uri = "/sheet/inner.html") { set $unsafe 1; }
|
|
|
|
if ($uri ~ ^\/common\/onlyoffice\/.*\/index\.html.*$) { set $unsafe 1; }
|
|
|
|
if ($uri ~ ^\/common\/onlyoffice\/.*\/index\.html.*$) { set $unsafe 1; }
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
set $coop '';
|
|
|
|
|
|
|
|
if ($uri ~ ^\/sheet\/.*$) { set $coop 'same-origin'; }
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Enable SharedArrayBuffer in Firefox (for .xlsx export)
|
|
|
|
|
|
|
|
add_header Cross-Origin-Resource-Policy cross-origin;
|
|
|
|
|
|
|
|
add_header Cross-Origin-Opener-Policy $coop;
|
|
|
|
|
|
|
|
add_header Cross-Origin-Embedder-Policy require-corp;
|
|
|
|
|
|
|
|
|
|
|
|
# everything except the sandbox domain is a privileged scope, as they might be used to handle keys
|
|
|
|
# everything except the sandbox domain is a privileged scope, as they might be used to handle keys
|
|
|
|
if ($host != $sandbox_domain) { set $unsafe 0; }
|
|
|
|
if ($host != $sandbox_domain) { set $unsafe 0; }
|
|
|
|
|
|
|
|
|
|
|
|
|
ansuz
4 years ago