Nginx build with security headers module

Review changes
Download
Patches
Plain diff

DJ Mountney requested to merge ngx-security-headers into master Apr 28, 2021

Overview 15
Commits 8
Pipelines 8
Changes 7

What does this MR do?

Allows users to disable the Server header in nginx by introducing a new module.

We are not enabling the feature by default, as the security benefit is debatable. But for users that are seeing errors in vuln scanners that want to disable it can.

Related issues

Closes gitlab#254653 (closed)

Checklist

See Definition of done.

For anything in this list which will not be completed, please provide a reason in the MR discussion

Required

Merge Request Title, and Description are up to date, accurate, and descriptive
MR targeting the appropriate branch
MR has a green pipeline on GitLab.com
Pipeline is green on dev.gitlab.org if the change is touching anything besides documentation or internal cookbooks
trigger-package has a green pipeline running against latest commit

Expected (please provide an explanation if not completing)

Test plan indicating conditions for success has been posted and passes
Documentation created/updated
Tests added
Integration tests added to GitLab QA
Equivalent MR/issue for the GitLab Chart opened

Edited May 12, 2021 by Ian Baum

Merge request reports

Assignee Loading

Reviewers Loading

Request review from

Loading

Time tracking Loading

Loading