NextERP/documentation
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[FIX] deploy: enable HSTS also for websocket

Browse Source 
Fine tunning of 6a2725e604

closes odoo/documentation#8004

Signed-off-by: Martin Trigaux (mat) <mat@odoo.com>
This commit is contained in:
Julien Castiaux 2024-03-05 11:10:07 +01:00
parent 4f15ba1eea
commit c00571d724
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
content/administration/install/deploy.rst
View File

@ -334,6 +334,9 @@ in ``/etc/nginx/sites-enabled/odoo.conf`` set:
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
proxy_cookie_flags session_id samesite=lax secure; # requires nginx 1.19.8
} }
# Redirect requests to odoo backend server # Redirect requests to odoo backend server
@ -346,10 +349,8 @@ in ``/etc/nginx/sites-enabled/odoo.conf`` set:
proxy_redirect off; proxy_redirect off;
proxy_pass http://odoo; proxy_pass http://odoo;
# Enable HSTS
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains"; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
# requires nginx 1.19.8 proxy_cookie_flags session_id samesite=lax secure; # requires nginx 1.19.8
proxy_cookie_flags session_id samesite=lax secure;
} }
# common gzip # common gzip