Disallow cloudfront from accessing ostree refs and summray
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
This commit is contained in:
Patrick Uiterwijk
parent
c16f040a40
commit
f10ce98e0f
1 changed files with 13 additions and 0 deletions
|
|
@ -1,5 +1,18 @@
|
|||
{% if rewrite %}
|
||||
RewriteEngine On
|
||||
|
||||
# Make sure that CloudFront does not cache ostree summary or refs files.
|
||||
# These should always be requested directly from Fedora, so any user directly
|
||||
# hitting a cloudfront setup should update their configuration.
|
||||
RewriteCond %{HTTP:X-Amz-Cf-Id} !^$
|
||||
RewriteRule ^/atomic/repo/summary - [F]
|
||||
RewriteCond %{HTTP:X-Amz-Cf-Id} !^$
|
||||
RewriteRule ^/atomic/repo/refs - [F]
|
||||
RewriteCond %{HTTP:X-Amz-Cf-Id} !^$
|
||||
RewriteRule ^/ostree/repo/summary - [F]
|
||||
RewriteCond %{HTTP:X-Amz-Cf-Id} !^$
|
||||
RewriteRule ^/ostree/repo/refs - [F]
|
||||
|
||||
RewriteRule ^{{remotepath}}$ %{REQUEST_URI}/ [R=301]
|
||||
|
||||
{% endif %}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue