diff options
| author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2014-06-03 15:30:56 +0000 |
|---|---|---|
| committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2014-06-03 15:30:56 +0000 |
| commit | 605dfc9c32f37c4462f8e5b876391a509bf1c6af (patch) | |
| tree | c1020da03f8ff3494213972d734f4a989e0d1451 | |
| parent | d042257a39924e3205a7bacec1ca711f92fdf05e (diff) | |
| parent | fdcc5ddec1e599289e09aeef0c5fbc276abcc05c (diff) | |
| download | gitlab-ce-605dfc9c32f37c4462f8e5b876391a509bf1c6af.tar.gz | |
Merge branch 'same-origin-header' into 'master'
Same origin header
Fixes #1313
| -rw-r--r-- | CHANGELOG | 1 | ||||
| -rw-r--r-- | lib/support/nginx/gitlab | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/CHANGELOG b/CHANGELOG index 97d1299bae6..306ff4d340e 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -13,6 +13,7 @@ v 7.0.0 - Group masters can create projects in group - Deprecate ruby 1.9.3 support - Only masters can rewrite/remove git tags + - Add X-Frame-Options SAMEORIGIN to Nginx config so Sidekiq admin is visible v 6.9.2 - Revert the commit that broke the LDAP user filter diff --git a/lib/support/nginx/gitlab b/lib/support/nginx/gitlab index 98c91637390..36306eeb3a6 100644 --- a/lib/support/nginx/gitlab +++ b/lib/support/nginx/gitlab @@ -54,6 +54,7 @@ server { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Frame-Options SAMEORIGIN; proxy_pass http://gitlab; } |