Jump to content

Yet another server test to defeat.... :-)

pir8radio

By pir8radio
in Non-Emby General Discussion

 Share

Recommended Posts

mastrmind11

mastrmind11   717

Posted
Posted

Are you all making changes directly to the web app, or are you all using proxies?

proxy

Link to comment
Share on other sites
Shidapu

Shidapu   14

Posted
Posted (edited)

Im also a Nginx user, and i have a B+ score, but CSP has been a nightmare..

 

wan - cloudflare - VPN - Firewall - nginx - servers

Edited by Shidapu
Link to comment
Share on other sites
jachin99

jachin99   82

Posted
Posted

I have actually done this for an IIS site but never anything else.  What advantages to you get with cloudfare when your using a proxy anyway?  Why nginx over others?

Link to comment
Share on other sites
Spaceboy

Spaceboy   2493

Posted
Posted

I have actually done this for an IIS site but never anything else. What advantages to you get with cloudfare when your using a proxy anyway? Why nginx over others?

cloudflare obscures your IP address
Link to comment
Share on other sites
Shidapu

Shidapu   14

Posted
Posted (edited)

Sweet thanks for the link! A+. :D And working great so far.

I also added a report-to line in that code, but not sure if its working, but the URI analyzer says its ok, though haven't gotten any reports yet.

I posted in your thread, could you check if my CSP is ok?

Edited by Shidapu
Link to comment
Share on other sites
pir8radio

pir8radio   1292

Posted
  • Author
Posted (edited)

Sweet thanks for the link! A+. :D And working great so far.

I also added a report-to line in that code, but not sure if its working, but the URI analyzer says its ok, though haven't gotten any reports yet.

I posted in your thread, could you check if my CSP is ok?

 

yes, the "report uri" address sends fails...   so if your CSP blocked something the client end would report what was blocked to that url.    so if i went to your server and your CSP blocked something on my browser, my browser would know to "report" that block to that url so you could see it in a report. 

Edited by pir8radio
  • Like 1
Link to comment
Share on other sites
Shidapu

Shidapu   14

Posted
Posted

yes, the "report uri" address sends fails...   so if your CSP blocked something the client end would report what was blocked to that url.    so if i went to your server and your CSP blocked something on my browser, my browser would know to "report" that block to that url so you could see it in a report. 

Yeah thats what i want it to do! :D A good thing to make some ease of mind for me when playing with CSP in the future. Thanks alot for the good info!

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...