diff options
| author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2014-04-03 13:03:16 +0300 | 
|---|---|---|
| committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2014-04-03 13:03:16 +0300 | 
| commit | 563fec734912d81cd7caea6fa8ec2b397fb72a9b (patch) | |
| tree | a3cec28180a4241be1fb4df17c27f2126196956d /lib/support | |
| parent | 1eec1f4f20a13d8110757fb5027462346aa0a9fc (diff) | |
| download | gitlab-ce-563fec734912d81cd7caea6fa8ec2b397fb72a9b.tar.gz | |
Disable compression to prevent BREACH attack
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Diffstat (limited to 'lib/support')
| -rw-r--r-- | lib/support/nginx/gitlab | 3 | 
1 files changed, 3 insertions, 0 deletions
| diff --git a/lib/support/nginx/gitlab b/lib/support/nginx/gitlab index 5bff362da0e..6b31dbd4304 100644 --- a/lib/support/nginx/gitlab +++ b/lib/support/nginx/gitlab @@ -42,6 +42,9 @@ server {    # if a file, which is not found in the root folder is requested,    # then the proxy pass the request to the upsteam (gitlab unicorn)    location @gitlab { +    # We need this to prevent BREACH attack +    gzip off; +      proxy_read_timeout 300; # Some requests take more than 30 seconds.      proxy_connect_timeout 300; # Some requests take more than 30 seconds.      proxy_redirect     off; | 
