tilecache: do not pass cookie to backend
authorGrant Slater <git@firefishy.com>
Sat, 17 Dec 2016 23:50:21 +0000 (23:50 +0000)
committerGrant Slater <git@firefishy.com>
Sat, 17 Dec 2016 23:50:21 +0000 (23:50 +0000)
cookbooks/tilecache/templates/default/nginx_tile_ssl.conf.erb

index f0bfdf20908c4bf7fcf2fdc827618ca9d13fbf72..a223912551c16e1becc468124a0a011fa7879027 100644 (file)
@@ -36,6 +36,17 @@ server {
       proxy_http_version 1.1;
       proxy_set_header Connection "";
 
+      proxy_connect_timeout 5s;
+
+      # Do not pass cookies to backend.
+      proxy_set_header Cookie "";
+      # Do not pass Accept-Encoding to backend.
+      proxy_set_header Accept-Encoding "";
+
+      # Do not allow setting cookies from cached pages.
+      proxy_ignore_headers Set-Cookie;
+      proxy_hide_header Set-Cookie;
+
       # Slow traffic slightly
       limit_rate 24576;
     }