Setting 'Referrer-Policy' => 'same-origin'

Hello,

I would like to set the "Referrer-Policy" header to "same-origin". This cannot be done through nginx, because it is set in Redis/Rails.

The default seems to be:
'Referrer-Policy' => 'strict-origin-when-cross-origin'

Is it possible to change it to:
'Referrer-Policy' => 'same-origin'

I could not find that string either inside or outside the container. :roll_eyes:

Yes. Stupid of me. I was not looking in the right place.

I found a lot of entries:
'Referrer-Policy' => 'strict-origin-when-cross-origin'

Here is the list (grep strict-origin-when-cross-origin /var/www/discourse/ -R):

  • /var/www/discourse/vendor/bundle/ruby/2.7.0/gems/rack-protection-2.2.2/lib/rack/protection/referrer_policy.rb: # referrer_policy:: The policy to use (default: 'strict-origin-when-cross-origin')
  • /var/www/discourse/vendor/bundle/ruby/2.7.0/gems/rack-protection-2.2.2/lib/rack/protection/referrer_policy.rb: default_options :referrer_policy => 'strict-origin-when-cross-origin'
  • /var/www/discourse/vendor/bundle/ruby/2.7.0/gems/railties-7.0.3.1/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_7_0.rb.tt:# "Referrer-Policy" => "strict-origin-when-cross-origin"
  • /var/www/discourse/vendor/bundle/ruby/2.7.0/gems/railties-7.0.3.1/lib/rails/application/configuration.rb: "Referrer-Policy" => "strict-origin-when-cross-origin"
  • /var/www/discourse/vendor/bundle/ruby/2.7.0/gems/actionpack-7.0.3.1/lib/action_dispatch/railtie.rb: "Referrer-Policy" => "strict-origin-when-cross-origin"
  • /var/www/discourse/vendor/bundle/ruby/2.7.0/gems/rack-protection-3.0.2/lib/rack/protection/referrer_policy.rb: # referrer_policy:: The policy to use (default: 'strict-origin-when-cross-origin')
  • /var/www/discourse/vendor/bundle/ruby/2.7.0/gems/rack-protection-3.0.2/lib/rack/protection/referrer_policy.rb: default_options referrer_policy: 'strict-origin-when-cross-origin'
  • /var/www/discourse/config/initializers/new_framework_defaults_7_0.rb: "Referrer-Policy" => "strict-origin-when-cross-origin"
  • grep: /var/www/discourse/tmp/cache/bootsnap/compile-cache-iseq/f6/fc077900e2584e: binary file matches
  • grep: /var/www/discourse/tmp/cache/bootsnap/compile-cache-iseq/8a/029cf0d9c06e6d: binary file matches
  • grep: /var/www/discourse/tmp/cache/bootsnap/compile-cache-iseq/25/d90a345e4f734e: binary file matches

I really don't know where to set same-origin. Any hints?

A really bad hack here, but you can work around this in nginx by adding a proxy_hide_header followed by your own add_header.
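
The nginx workaround suggested in the post above, written out as an added example (not from the original posts and not Discourse's own configuration). The upstream name `discourse_app`, its address, the server name and the listen port are placeholders.

```nginx
# Added example; upstream name/address, server_name and port are placeholders.
upstream discourse_app {
    server 127.0.0.1:3000;
}

server {
    listen 80;
    server_name forum.example.com;

    location / {
        proxy_pass http://discourse_app;
        proxy_set_header Host $host;

        # Drop the Referrer-Policy header coming from the Rails app
        # (strict-origin-when-cross-origin by default) ...
        proxy_hide_header Referrer-Policy;

        # ... and send our own. "always" also covers 4xx/5xx responses;
        # without it nginx adds the header only to a fixed set of
        # 2xx/3xx status codes.
        add_header Referrer-Policy "same-origin" always;

        # Caveat: add_header directives from the http/server level are
        # inherited only when this block defines none of its own. Any
        # header set higher up (HSTS, X-Content-Type-Options, ...) has
        # to be repeated here once this add_header is present.
    }
}

# Check after reloading (exactly one Referrer-Policy line should come back):
#   nginx -t && nginx -s reload
#   curl -sI http://forum.example.com/ | grep -i '^referrer-policy'
```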

Yes, a bad hack. I don't like that. :wink:

Can someone help me see how this should be used in a production environment?