Update default.conf.sample to deny dotfile access#26
Conversation
Signed-off-by: Eric Nemchik <eric@nemchik.com>
|
I am a bot, here is the pushed image/manifest for this PR:
|
|
This pull request has been automatically marked as stale because it has not had recent activity. This might be due to missing feedback from OP. It will be closed if no further activity occurs. Thank you for your contributions. |
|
I am a bot, here is the pushed image/manifest for this PR:
|
|
This pull request has been automatically marked as stale because it has not had recent activity. This might be due to missing feedback from OP. It will be closed if no further activity occurs. Thank you for your contributions. |
Signed-off-by: Eric Nemchik <eric@nemchik.com>
There was a problem hiding this comment.
Pull request overview
This PR updates the sample nginx site configuration for the your_spotify container to block access to dotfiles while preserving access to /.well-known, and records that change in the image changelog.
Changes:
- Added a generic nginx rule intended to deny access to dotfiles in the sample site config.
- Added an exception for
/.well-knownrequests in the sample site config. - Added a changelog entry in
readme-vars.ymltelling existing users to update their nginx config.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
root/defaults/nginx/site-confs/default.conf.sample |
Adds the new dotfile-deny rule and the /.well-known exception in the sample nginx vhost. |
readme-vars.yml |
Adds the corresponding changelog note for existing users. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| index index.html; | ||
|
|
||
| # Allow access to the ".well-known" directory | ||
| location ^~ /.well-known { |
| # Allow access to the ".well-known" directory | ||
| location ^~ /.well-known { |
No description provided.